Aggregator

Intigriti's Ed Parsons on How Regs Are Pushing Firms Toward Proactive Security
The NIS2 Directive has driven significant improvements in vulnerability management across Europe. Organizations are accelerating vulnerability discovery by engaging with crowdsourced security communities and ethical hackers, said Ed Parsons, chief operations officer at Intigriti.

Why the Fortinet Earnings Case Is a Cautionary Tale for the Cybersecurity Sector
Fortinet's stock unexpectedly plunged more than 20% in August. That same month, Gartner named Fortinet an industry leader in its Magic Quadrant for hybrid mesh firewalls. But the thing that sent Fortinet's stock into a nosedive was revenue forecasts that didn't pan out.

NAV Canada CISO Tom Bornais on Keeping IT and OT Systems Running
With threats targeting aviation infrastructure, NAV Canada CISO Tom Bornais explained how his team focuses on building resilience rather than chasing perfection. He outlined why internal alignment, incident simulation and supply chain security are critical to defending IT and OT systems.

Global Tech Debt Impedes Growth as AI, Cloud and Legacy Systems Collide
Technical debt is no longer just a developer's dilemma; it's a global business risk. As companies cling to legacy systems and monolithic code, modernization efforts stall. Rising costs, slower delivery and AI limitations highlight the urgent need for scalable, future-ready architectures.

From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

A vulnerability described as critical has been identified in Linux Kernel up to 6.18-rc2. This vulnerability affects the function comedi_buf_munge of the component comedi. The manipulation results in divide by zero. This vulnerability is reported as CVE-2025-40106. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

速看！国密双向认证的通关技巧~

A vulnerability marked as problematic has been reported in Open-Xchange OX App Suite up to 7.6.3-rev77/8.35.111/8.38.82/8.39.79/8.40.57. This affects an unknown part. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is documented as CVE-2025-30191. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as problematic has been found in Open-Xchange OX App Suite up to 2.1.7. Affected by this issue is some unknown functionality of the component API. Executing manipulation can lead to resource consumption. This vulnerability is registered as CVE-2025-30188. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

累计下载量超过9900次

速修复

30+ организаций требуют остановить "торговлю душой" через чат-ботов.

今天给大家推送美国国际开发署和民主基金会、福特基金。会等机构在巴基斯坦资助的机构和项目。

A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. [...]

Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration testers. The discovery reveals how threat actors are exploiting ethical hacking tools to conduct sophisticated cyberattacks, with significant ties linking the framework’s development to Russian criminal networks. Silent Push threat analysts […]

The post Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

APT-C-60（伪猎者）是一伙以持续监控受影响用户、窃取相关信息为目的朝鲜半岛APT组织。

百万奖池等你来拿！

最大成人视频网站 Pornhub 表示，自 7 月英国 Online Safety Act 生效要求成人网站验证访客年龄后，英国访客数量锐减 77%。Pornhub 声称无视新法律的成人网站从中受益。Pornhub 是全球访问量排名第 19 的网站。英国通信管理局（Ofcom）称 7 月 25 日之后的三个月内，英国用户访问色情网站的数量总体下降近三分之一，Ofcom 表示法律实现了其主要目的，即阻止儿童“无需搜索即可轻易接触成人内容”。Ofcom 称，7 月 VPN 用户达到了 150 万，但此后降至了 100 万。Cyber​​news 的数据显示，英国用户通过 Google Play Store 和 Apple App Store 下载 VPN 应用的数量今年内将超过 1070 万次。Cyber​​news 认为 Pornhub 英国访客数量并没有锐减，访客使用 VPN 导致其被归类为非英国用户，当然确实可能有部分用户转向了不需要年龄验证的网站。