Aggregator

关键词数据泄露最近针对英国零售商Marks和Spencer的勒索软件攻击暴露了敏感的客户信息,引发了网络安全专

关键词安全漏洞本周全球网络安全态势依旧紧张，多个关键漏洞正被黑客组织大规模利用。

关键词Intel苏黎世联邦理工学院（ETH Zürich）的安全团队近日披露了英特尔处理器中的一个新型侧信道漏

关键词数据安全奥地利隐私组织noyb于5月27日向Meta爱尔兰总部发出法律警告，反对其未经用户明示同意（op

Alright, you’ve come this far. You’ve admitted that your SEG isn’t exactly the security soulmate you thought it was. Maybe you’ve even started to notice the red flags – missed phishes, frustrated clients, constant rule tuning. But breaking up is a process, and before you can move on to something better, it’s important to assess the current state of the relationship.

The post Modern Threats, Missed Phish: How Exposed Are You? (Part 2) appeared first on Security Boulevard.

An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions

A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. About CVE-2025-4664 CVE-2025-4664 stems from insufficient policy enforcement in Google Chrome’s Loader, which attackers can use to make the browser leak cross-origin data that can be used to take over accounts. The vulnerability can be triggered with a maliciously crafted HTML page, on Chrome versions prior … More →

The post CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) appeared first on Help Net Security.

近日，绿盟科技CERT监测到微软发布5月安全更新补丁，修复了78个安全问题，涉及Windows、Microsoft Office、Azure、Outlook等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。

近日，绿盟科技CERT监测到Ivanti发布安全公告，修复了Ivanti EPMM中的漏洞(CVE-2025-4427/CVE-2025-4428)，目前漏洞细节与PoC已公开，且发现在野利用，请相关用户尽快采取措施进行防护。

以模制模，数智赋能石油石化新质生产力发展

打造数字化转型高校标杆

Hackers from the Scattered Spider group, known for UK retail attacks, are now targeting US retailers, Google cybersecurity…

速修复

速修复

Cranium has launched Arena, an AI red teaming platform built to proactively test and secure AI systems across the full model and supply chain lifecycle. As artificial intelligence continues its rapid integration into enterprise infrastructure, so too does the urgency for scalable and intelligent risk management. Cranium Arena provides a hands-on environment where organizations can simulate real-world cyber threats—both automated and human-led—against their AI models before attackers strike. “AI systems today are as powerful as they are … More →

The post Cranium introduces AI red teaming platform appeared first on Help Net Security.

我们是专注AI编程安全的啄木鸟团队。

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we'll explore data protection best practices from meeting

What happens when you skip memory allocation, skip writing, and weaponize thread context alone? This post explores a new class of process injection that lives entirely in the execution layer — no alloc, no write, just a well-placed hijack.

关注安全419,及时获取更新网安招聘信息!

大模型时代，安全人才如何破局？