Aggregator

Experts Aim to Probe How AI Models Reason, and Why It Matters
AI researchers from OpenAI, Google DeepMind and Anthropic and others have urged deeper study into chain-of-thought monitoring, a technique to track how reasoning models arrive at answers. Their joint paper warns that transparency may erode if not prioritized.

5G OT Security Summit Speakers on Delicate Balance Between Innovation, Cyber Risk
Digital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.

67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.

Agency to Collaborate with External Experts on Vulnerability Research
The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

Ещё вчера это делал человек, сегодня — пингвин с шасси и интеллектом.

用Rust构建24/7稳定运行的高性能数据管道

Вирус испанки 1918 года ожил в лаборатории в 2025-м.

Many companies say they can’t find enough cybersecurity professionals. But a new report suggests the real problem isn’t a lack of talent, but how those jobs are structured and advertised. Expel’s 2025 Enterprise Cybersecurity Talent Index looked at more than 5,000 cybersecurity-related job postings from Fortune 100 companies. The findings point to hiring practices that may be turning qualified candidates away, not drawing them in. “We often hear about the cybersecurity talent or skills gap … More →

The post What Fortune 100s are getting wrong about cybersecurity hiring appeared first on Help Net Security.

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

AI 商业化落地，技术固然重要，生态也举足轻重。

When it comes to spotting threats, security teams need tools that can pull data from all over and make it easier to analyze. In this article, we’ll take a look at some popular open-source tools that help with everything from log management to network and host monitoring, and even incident response. These tools give teams the visibility they need to catch threats early and act fast. Cortex Cortex is developed by TheHive Project to help … More →

The post Tired of gaps in your security? These open-source tools can help appeared first on Help Net Security.

<p>Attackers are getting increasingly creative—not just with their payloads, but with how they deliver and operate them. In a recent Incident Response engagement, TrustedSec investigated a case involving an attacker who…</p>

你是否曾想过：当大模型在给出最终答案前，那段长长的 "思考过程" 里，可能藏着不为人知的风险？

317 тысяч уязвимостей, 45 тысяч исследователей и ни одного мёртвого линка.

本报告基于威胁猎人对全球19.9万个卡BIN段、逾万家发卡机构及上百个黑市渠道的长期监控与分析，系统性揭示了支付卡泄露的全貌与黑灰产运作链条，涵盖从数据窃取、卡料筛选、地下交易到盗刷变现的全流程...

权威认可

MITRE has unveiled a new cybersecurity framework titled AAD APT (Adversarial Actions in Digital Asset Payment Technologies), specifically designed to counter vulnerabilities within digital financial systems, including cryptocurrencies. This initiative extends the principles established...

The post MITRE Unveils AADAPT: A New Cybersecurity Framework to Combat Digital Asset Threats appeared first on Penetration Testing Tools.

Раньше были кремниевые чипы, теперь — CSiGeSn.

In a recent analysis based on the examination of 10 million real-world compromised passwords, researchers at Specops have laid bare the ongoing vulnerability of corporate networks stemming from human error. The passwords were drawn...

The post The Password Crisis: 98.5% of Corporate Passwords Are Insecure, Leaving Networks Vulnerable appeared first on Penetration Testing Tools.