Aggregator

Submit #780733 / VDB-242865

Submit #780731 / VDB-354654

Как черные дыры спасают физику от краха.

A recent cybersecurity study reveals that threat actors are moving faster than ever to weaponize new software flaws. According to data collected from a high-interaction honeypot, hackers are actively exploiting a newly disclosed, maximum-severity vulnerability in Oracle WebLogic Server. The critical flaw, tracked as CVE-2026-21962, carries a CVSS score of 10.0. It allows unauthenticated attackers […]

The post Hackers Actively Exploiting Critical WebLogic RCE Vulnerabilities in Attacks appeared first on Cyber Security News.

Our new blog post explores the ‘cognitive rust belt’ — how AI friction masks skill loss and why organizations must act now.

The following CIS Benchmarks and CIS Build Kits have been updated or recently released. The Center for Internet Security has highlighted the major updates below. Each Benchmark and Build Kit includes a changelog that references all changes. Updated CIS Benchmarks overview CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0 CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0 CIS Apache Cassandra 5.0 Benchmark v1.1.0 CIS Apache Cassandra 4.1 Benchmark v1.2.0 CIS Apache Cassandra 4.0 Benchmark v1.3.0 CIS Microsoft … More →

The post CIS Benchmarks March 2026 Update appeared first on Help Net Security.

Submit #780729 / VDB-354653

Submit #780727 / VDB-354652

Today we are launching the beta of EmDash, a full-stack serverless JavaScript CMS built on Astro 6.0. It combines the features of a traditional CMS with modern security, running plugins in sandboxed Worker isolates.

Eight years ago, we launched 1.1.1.1 to build a faster, more private Internet. Today, we’re sharing the results of our latest independent examination. The result: our privacy protections are working exactly as promised.

A newly disclosed Russian-linked remote access toolkit called “CTRL” is being used to hijack Remote Desktop Protocol sessions and steal credentials from Windows systems. According to Censys ARC, the malware is a custom .NET framework that combines phishing, keylogging, reverse tunneling, and persistence into one attack chain. Censys ARC said the toolkit was discovered during […]

The post Russian Hackers Using Remote Access Toolkit “CTRL” for  RDP Hijacking appeared first on Cyber Security News.

Google has released an emergency security update for its Chrome browser, patching a zero-day vulnerability that is already being actively exploited in the wild. The Stable channel has been updated to version 146.0.7680.177/178 for Windows and Mac, and 146.0.7680.177 for Linux, with the rollout expected to reach all users over the coming days and weeks. […]

The post New Chrome Zero-Day Vulnerability Actively Exploited in Attacks — Patch Now appeared first on Cyber Security News.

Submit #778613 / VDB-354651

There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this looked like security. But in 2026, "Doctor No" is no longer just a management headache &

Submit #780538 / VDB-354650

New research from Seqrite explains the ‘dual-use dilemma,’ where ransomware attackers repurpose legitimate IT tools like IOBit Unlocker…

Submit #780561 / VDB-354649

Submit #780560 / VDB-354648

Submit #780559 / VDB-354647

Submit #780558 / VDB-354646