Aggregator

A massive Android ad fraud operation dubbed "SlopAds" was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. [...]

Luxury fashion company Kering has confirmed a data exfiltration incident in which threat actor Shiny Hunters accessed private customer records for Gucci, Balenciaga, and Alexander McQueen. The breach, detected in June but occurring in April, exposed personally identifiable information (PII) for an estimated 7.4 million unique email addresses. Key Takeaways1. PII and spend data of […]

The post Hackers Stolen Millions of Users Personal Data from Gucci, Balenciaga and Alexander McQueen Stores appeared first on Cyber Security News.

Мессенджер начал тестировать замену паспорта цифровой версией.

JLR vs. SLH: Jaguar Land Rover woes worse than previously thought.

The post Jaguar Land Rover Admits to Longer Shutdown as Childish Hackers Troll Carmaker appeared first on Security Boulevard.

Alleged Sale of Unauthorized Access to an Unidentified Fashion Store in India

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike's npm namespace. [...]

The announcement comes weeks after the parents of a teenager who killed himself sued the tech giant for allegedly helping their son draft a suicide note and giving him tips for how to do so most effectively.

Alleged Sale of U.S. Driver’s Licenses, Selfies, and Taxpayer Documents

Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. "Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform's fault injections (such as shutting down pods or disrupting network communications), and perform

OpenAI 与哈佛大学经济学家 David Denning 合作发表论文，首次使用内部数据披露用户是如何使用 ChatGPT 的。论文显示：ChatGPT 用户数从 2024 年初的 1 亿增长到 2025 年的逾 7 亿，全球约十分之一成年人人口使用它，每天发送 26 亿条消息，日流量为 Google 的五分之一；长期用户的日活跃度自 2025 年 6 月以来趋稳，近期的新增长来自于新注册用户；46% 的用户年龄在 18-25 岁之间；2022 年推出时八成用户为男性，如今女性用户占 52.4%；2025 年中期 72% 的使用与工作无关，用户更多将 ChatGPT 用于个人、创意和休闲需求而非生产力；28% 的对话涉及写作辅助（电子邮件、编辑、翻译），工作相关查询中写作辅助的比例提高到 42%，商业/管理职位中这一比例达到了 52%；14.9% 的工作相关使用与“做出决策和解决问题”相关。。

Currently trending CVE - Hype Score: 1 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ...

Currently trending CVE - Hype Score: 1 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy ...

Currently trending CVE - Hype Score: 21 - Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.

Currently trending CVE - Hype Score: 21 - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Seraphic today announced at Fal.Con 2025 that its Secure Enterprise Browser (SEB) solution is now available for purchase in the CrowdStrike Marketplace, a one-stop destination for the world-class ecosystem of CrowdStrike-compatible security products. This availability enables customers to discover, buy, and implement Seraphic’s browser-native protection directly within the CrowdStrike Falcon platform. With this release, Seraphic […]

The post Las Vegas, United States, September 16th, 2025, CyberNewsWire appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has announced that the Windows Management Instrumentation Command-line (WMIC) tool will be removed after upgrading to Windows 11 25H2 and later. [...]

《人工智能安全治理框架》2.0版 by ourren

更多最新文章，请访问SecWiki

某在线拍卖系统代码审计

Las Vegas, United States, September 16th, 2025, CyberNewsWire Seraphic today announced at Fal.Con 2025 that its Secure Enterprise Browser (SEB) solution is now available for purchase in the CrowdStrike Marketplace, a one-stop destination for the world-class ecosystem of CrowdStrike-compatible security products. This availability enables customers to discover, buy, and implement Seraphic’s browser-native protection directly within […]

The post Seraphic Browser-Native Protection Now Available for Purchase on the CrowdStrike Marketplace appeared first on Cyber Security News.

Fifteen ransomware groups have claimed shutdown on BreachForums; experts warn of rebrands and copycats