Aggregator

美国执法/犯罪情报资源网站。

《可信数据空间标准化研究报告（2025版）》于8月29日在2025中国国际大数据产业博览会数据标准化主题交流活动上正式发布。

2025年8月29日，第五届极客少年挑战赛全国总决赛在成都圆满落幕。

一些通用加密通信软件在为信息提供保护的同时，也为境外间谍不法活动提供了新的掩护。其风险如暗流涌动，需高度警惕。

当前，数据要素价值化、市场化正在积极推进，相关数据安全问题也极为突出，亟待分类分级治理。其中，涉私数据的安全保护和流通利用问题尤其值得重视。

Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within their Salesforce environments. The new guide distills best practices across three critical areas: activity logs, user permissions, and backup data—providing a structured framework to answer key questions such as “What did a specific user do […]

The post Salesforce Publishes Forensic Guide After Series of Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

曾经的装机软件、广泛使用的 PDF 阅读器 Adobe Reader 安装程序其容量过去几年大幅膨胀，原因当然是和所有科技公司一样，要在其产品中集成炙手可热的 AI，至于用户需要不需要则是另一回事。Adobe Reader 25.1 版本容量接近 700MB，而去年发布的 v24.2 容量只有 460MB，2016 年的 v15.17 容量不到 100MB。相比下，另一款 PDF 阅读器 SumatraPDF 容量维持在 10MB 以内。

从3246开始的大3浪数据分析，3700必到！

WOO X успешно прошла стандартный для криптобирж ритуал.

A vulnerability has been found in Campcodes Online Learning Management System 1.0 and classified as critical. Affected is an unknown function of the file /teacher_signup.php. Performing manipulation of the argument firstname results in sql injection. This vulnerability is identified as CVE-2025-9786. The attack can be initiated remotely. Additionally, an exploit exists. Other parameters might be affected as well.

发掘与培育网络安全后备人才，助力少年极客成就守护网络安全的梦想

安全运营中心（SOC）面临AI社交工程、身份幻觉等七大危机，五步重构防御体系。

Vesta Vesta is a static analysis of vulnerabilities, Docker, and Kubernetes cluster configuration detect toolkit. It inspects Kubernetes

The post vesta: Docker and Kubernetes cluster configuration detect toolkit appeared first on Penetration Testing Tools.

Submit #640996 / VDB-322102

An Android malware tracker named SikkahBot, active since July 2024 and explicitly targeting students in Bangladesh. Disguised as applications from the Bangladesh Education Board, SikkahBot lures victims with promises of scholarships, coerces them into sharing sensitive information, and requests high-risk permissions. Once installed, it harvests personal and financial data, intercepts SMS messages, abuses the Accessibility […]

The post Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

感谢香港数码港对 MistTrack 创新性与应用价值的认可！

A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues to gain market share, cybercriminals are adapting their strategies to exploit even the most robust Apple protections. Analysts warn that relying solely on native safeguards may leave organizations vulnerable to […]

The post Hackers Exploit macOS Security Features to Spread Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts

A critical vulnerability in the IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data has been disclosed, enabling blind SQL injection attacks that could compromise sensitive data. Tracked as CVE-2025-0165, this flaw allows authenticated attackers to inject malicious SQL statements, potentially leading to unauthorized data access, manipulation, or deletion in the back-end database. IBM’s Watsonx platform offers advanced […]

The post IBM Watsonx Vulnerability Enables SQL Injection Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.