Aggregator

Сталь ЭП302М-Ш. Что это за материал и почему от него зависит будущее российской атомной энергетики.

黑客激进分子正在持续入侵

A new wave of cyber threats is emerging as criminals increasingly weaponize AdaptixC2, a free and open-source Command and Control framework originally designed for legitimate penetration testing and red team operations. Security researchers have uncovered a disturbing trend where advanced threat actors deploy this extensible post-exploitation tool across global ransomware campaigns, transforming a utility meant […]

The post Threat Actors Actively Using Open-Source C2 Framework to Deliver Malicious Payloads appeared first on Cyber Security News.

WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before. The messaging platform is introducing passkey-encrypted backups, a new feature that eliminates the need for complicated passwords or lengthy encryption keys. Instead, users can now protect their backups using their fingerprint, face recognition, or screen […]

The post WhatsApp Implements Passkey System to Boost Backup Privacy appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

全港第二届网络安全攻防演练落幕！360获香港特区政府致谢

“懂AI更懂安全”！360引领行业智能化变革

零基础也能学！掌握VMProtect加密原理与逆向实战技巧

文末投递简历

Chromium漏洞恐致全球浏览器崩溃，谷歌两月未回应。

看雪论坛作者ID：阿强

A vulnerability classified as critical was found in ISO 15118-2 Network and Application Protocol Requirements 8.3. Impacted is an unknown function of the component Signal Level Attenuation Characterization Protocol Handler. Such manipulation leads to improper restriction of communication channel to intended endpoints. This vulnerability is traded as CVE-2025-12357. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended that additional encryption be implemented.

A vulnerability classified as critical has been found in Therefore Corporation Therefore Online and Therefore On-Premises up to 2025. This issue affects some unknown processing. This manipulation causes authentication bypass by spoofing. This vulnerability appears as CVE-2025-11843. The attack may be initiated remotely. There is no available exploit.

Intigriti's Ed Parsons on How Regs Are Pushing Firms Toward Proactive Security
The NIS2 Directive has driven significant improvements in vulnerability management across Europe. Organizations are accelerating vulnerability discovery by engaging with crowdsourced security communities and ethical hackers, said Ed Parsons, chief operations officer at Intigriti.

Why the Fortinet Earnings Case Is a Cautionary Tale for the Cybersecurity Sector
Fortinet's stock unexpectedly plunged more than 20% in August. That same month, Gartner named Fortinet an industry leader in its Magic Quadrant for hybrid mesh firewalls. But the thing that sent Fortinet's stock into a nosedive was revenue forecasts that didn't pan out.

NAV Canada CISO Tom Bornais on Keeping IT and OT Systems Running
With threats targeting aviation infrastructure, NAV Canada CISO Tom Bornais explained how his team focuses on building resilience rather than chasing perfection. He outlined why internal alignment, incident simulation and supply chain security are critical to defending IT and OT systems.

Global Tech Debt Impedes Growth as AI, Cloud and Legacy Systems Collide
Technical debt is no longer just a developer's dilemma; it's a global business risk. As companies cling to legacy systems and monolithic code, modernization efforts stall. Rising costs, slower delivery and AI limitations highlight the urgent need for scalable, future-ready architectures.

From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

A vulnerability described as critical has been identified in Linux Kernel up to 6.18-rc2. This vulnerability affects the function comedi_buf_munge of the component comedi. The manipulation results in divide by zero. This vulnerability is reported as CVE-2025-40106. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.