Aggregator

В Париже внедрена новая система ИИ наблюдения.

Hackers continuously exploit malicious Python packages to attack developer environments and inject harmful code that enables them to steal sensitive information, install malware, or create backdoors. The method takes advantage of the widely-used repositories for packaging consequently creating a widespread impact with minimum effort from the attackers. Cybersecurity researchers at CheckMarx recently identified that threat […]

The post Malicious Python Package Attacking macOS Developers To Steal Google Cloud Logins appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Методы хакеров переносят искусственный интеллект на темную сторону.

Почему Meta не спешит принимать меры для защиты пользователей?

该论文提出了一种使用文本描述驱动的3D模型可控生成方案Coin3D，可以根据用户搭建的粗糙几何模型与简单文本描述来生成带纹理的三维模型，在功能上类似于3D版本的ControlNet。

Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants

Thousands of customers of cryptocurrency exchange Gemini have had personal data compromised

Фишинговые тактики становятся всё более изощрёнными благодаря умным алгоритмам.

KAPE(Kroll Artifact Parser and Extractor)用于获取和解析 Window阅读更多

Hackers often attack secure boot during the boot process to execute unauthorized code, which gives them the ability to bypass a system’s security measures. By compromising Secure Boot, they can install rootkits and malware at a low level, gaining persistent control over the system and evading traditional security defenses. The Binarly Research Team discovered a […]

The post PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A malicious campaign emerged on June 21, 2024, distributing a JavaScript file hosted on grupotefex.com, which executes an MSI installer, subsequently dropping a Brute Ratel Badger DLL into the user’s AppData.  The command-and-control framework Brute Ratel then downloads and inserts the stealthy Latrodectus backdoor, which gives threat actors remote control, the ability to steal data, […]

The post Hackers Attacking Users Searching For W2 Form appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

一、境外厂商产品漏洞 1、PDF-XChange Editor栈缓冲区溢出漏洞（CNVD-2024-33502）

2024年07月22日-2023年07月28日 本周漏洞态势研判情况本周信息安全漏洞威胁整体评价级别为中。

Onyx Sleet, a cyber espionage group also known as SILENT CHOLLIMA, Andariel, DarkSeoul, Stonefly, and TDrop2, mainly targets the military, defense sector, and technology in the United States, South Korea, and India. The group historically used spear-phishing, but they have now started using N-day vulnerabilities, such as in their October 2023 attack on TeamCity. To […]

The post North Korean Onyx Sleet Using Group Of Malware And Exploits to Gain Intelligence appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

文章讲述了利用Nginx WebUI的RCE漏洞进行渗透测试，通过Python脚本和NPS工具，成功获取内网服务和数据库访问权限的过程。

国内ai，注册几个使用，视频生成需要申请内测，现在申请大概率秒过。 可以设置不同氛围，运镜，风格。   卡通3d风格，怎么说呢，感觉有点一言难尽。。。 https://chatglm...

Cisco has issued patches for multiple products affected by a critical vulnerability in the RADIUS protocol. The vulnerability, identified as CVE-2024-3596, was disclosed by security researchers on July 7, 2024. This flaw allows an on-path attacker to forge responses using a chosen prefix collision attack against the MD5 Response Authenticator signature. Cisco has been actively […]

The post Cisco Patches the Products Impacted by RADIUS Protocol Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Последствия атаки на Selenium Grid приводит к разным последствиям - от потери ресурсов до утечки данных.

据纽约时报27日报道，韩国国防情报指挥部遭遇重大泄密事件，敏感情报流向朝鲜，包括海外特工的个人信息。这一事件对韩国情报收集能力构成严重威胁，可能削弱其对朝鲜的情报优势。韩国军方已启动调查，计划对泄密责任人采取严厉措施。