Aggregator

The report, released by the advocacy group Human Rights Watch on Tuesday, alleges that the European Commission has failed to effectively police member states' surveillance tech sales despite the 2021 implementation of updated bloc-wide export rules designed to rein in the practice.

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. The vulnerability, tracked as CVE-2026-45185 (CVSS score: 9.8), aka Dead.Letter, has been described as a

Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms.

Он уже прошёл сборку… правда, пока что только на компьютере.

SAP introduced the Autonomous Enterprise to help enhance the world’s most critical business workflows, so that humans and AI work together to meet the accelerating demands of global business profitably, strategically and safely. “For the mission-critical processes of our customers, ‘almost right’ just isn’t good enough,” said Christian Klein, CEO of SAP SE. “By uniting SAP Business AI Platform with SAP Autonomous Suite, we anchor AI agents in the business processes, data and governance so … More →

The post SAP unveils Autonomous Enterprise for AI-driven business operations appeared first on Help Net Security.

Финальный релиз Python 3.15 запланирован на 1 октября.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

2025 年 12 月斯坦福大学的研究人员分析了 22 亿条社媒帖子，寻找模式识别发布有毒内容的用户比例。所谓有毒内容指的是充斥着仇恨的极端主义内容。那么发布有毒内容的用户比例多高呢？可能比你想象的低得多，但此类内容被推荐算法放大而让很多人以为它们是主流。在 Twitter/X 上，有毒推文的转发量比非有毒推文高约 86%，曝光度高约 27%；0.3% 的用户分享了 80% 的争议新闻；6% 的用户发布了约 73% 的政治推文。在 TikTok 上，25% 的用户发布了 98% 的公开视频。具体数字有所不同，但本质相同：少数活跃用户压倒了绝大多数用户。研究人员发现的社媒模式是：沉默的大多数，因担心表达异议而社交孤立，大多数用户要么保持沉默要么离开平台，将平台空间让给了表达极端观点的用户；积极发帖的少数人会陷入认知偏差，认为自己属于多数派。

Exaforce announced a $125 million Series B financing round, one of the largest ever in the emerging AI SOC space. The round includes participation from HarbourVest, Peak XV, Mayfield, Khosla Ventures, Seligman Ventures and AICONIC. The new capital will help Exaforce scale its AI-native security operations platform, deepen its real-time reasoning capabilities, and expand globally. Coming just one year after its $75 million Series A, the round brings Exaforce’s total funding to $200 million. AI … More →

The post Exaforce raises $125 million to respond to AI-powered attacks appeared first on Help Net Security.

Security researchers at XLab have outlined an active attack campaign targeting CVE-2026-41940, the recently disclosed vulnerability in cPanel & WHM, and have linked it to a stealthy hacking group that has been operating largely undetected for years. The vulnerability allows an attacker to log into a cPanel server without a username or password, effectively handing them administrator control over the cPanel host system, its configurations and databases, and the websites it manages. The attack campaign … More →

The post Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940) appeared first on Help Net Security.

2026 年 3 月，美国与以色列对伊朗发动空袭后，全球冲突报道最依赖的商业卫星影像源突然陷入停滞。

Он полон энергии. Просто раньше никто не знал, как её взять.

ThreatDown, the former corporate business unit of Malwarebytes, launched ThreatDown Identity Threat Detection and Response (ITDR). ITDR is a new product that helps security teams monitor identities to detect suspicious activity, misconfigurations, and active attacks targeting user accounts and privileges. With native integrations for Microsoft Entra ID, Okta, and Active Directory, security teams gain unified visibility across hybrid identity environments without deploying additional agents. Natively integrated with the ThreatDown EDR and MDR platform, ITDR delivers … More →

The post ThreatDown ITDR prevents credential-based attacks appeared first on Help Net Security.

With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up

Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating that intrusions have increasingly avoided using noisy exploits, obvious malware, or custom tooling, instead leveraging systems that organizations already trust within their environments.

The post Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise appeared first on Microsoft Security Blog.

Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating that intrusions have increasingly avoided using noisy exploits, obvious malware, or custom tooling, instead leveraging systems that organizations already trust within their environments.

The post Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise appeared first on Microsoft Security Blog.