Aggregator

Bitdefender’s 2025 Cybersecurity Assessment Report paints a sobering picture of today’s cyber defense landscape: mounting pressure to remain silent after breaches, a gap between leadership and frontline teams, and a growing urgency to shrink the enterprise attack surface. The annual research combines insights from over 1,200 IT and security professionals across six countries, along with an

威胁分子利用Milesight工业路由器API发送恶意短信，在欧洲多国发起钓鱼攻击。这些短信模仿政府和金融机构网站，诱导用户泄露信息。约572台暴露设备存在漏洞（CVE-2023-43261），攻击自2022年持续至今。

Bitdefender报告指出，企业面临攻击面扩大、内部沟通不畅及AI威胁增加等问题，需加强防御并改善管理协调。

A vulnerability categorized as problematic has been discovered in Qt up to 5.15.12/6.2.7/6.4.2. This affects an unknown function of the component SQL ODBC Driver Plugin. The manipulation results in denial of service. This vulnerability is known as CVE-2023-24607. Access to the local network is required for this attack. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in pendulum-project ntpd-rs up to 1.6.1. This vulnerability affects unknown code. This manipulation causes insufficient control of network message volume. This vulnerability appears as CVE-2025-58066. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

9月30日，Anthropic和智谱分别发布Claude Sonnet 4.5和GLM-4.6 AI编程模型。测试显示GLM-4.6在编程任务中表现优异，可替代Claude Sonnet 4.5。该模型开源免费，支持中文，性价比高。

Как мы взломали код мимики с помощью крысиной морды.

Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X.  AI is part of our lives whether we like it or not. Even if you are not quite a fan, or not a user at all, you probably came across multiple AI-generated avatars, pictures, […]

The post FunkSec’s FunkLocker: How AI Is Powering the Next Wave of Ransomware  appeared first on ANY.RUN's Cybersecurity Blog.

A novel rootkit hooking method dubbed FlipSwitch has emerged, circumventing the latest Linux 6.9 kernel dispatch safeguards and reigniting concerns over kernel-level compromise. By manipulating the machine code of the new syscall dispatcher rather than the deprecated sys_call_table, FlipSwitch restores the classic power of syscall hooking, enabling stealthy interception of critical system calls such as […]

The post New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

关键词违反网络安全法一、上海某跨国公司违规出境用户信息案2025年5月，某国际时尚品牌被曝数据泄露，其中国公司

关键词违反网络安全法一、上海某跨国公司违规出境用户信息案2025年5月，某国际时尚品牌被曝数据泄露，其中国公司

关键词违反网络安全法一、上海某跨国公司违规出境用户信息案2025年5月，某国际时尚品牌被曝数据泄露，其中国公司

关键词违反网络安全法一、上海某跨国公司违规出境用户信息案2025年5月，某国际时尚品牌被曝数据泄露，其中国公司

当前环境出现异常状况，请完成验证后继续访问相关内容。

当前环境出现异常状态，需完成验证后才能继续访问。

当前环境出现异常，需完成验证后才能继续访问。

文章指出当前环境异常，需完成验证后方可继续访问。

Apple released iOS and macOS updates to fix a flaw in font processing that could trigger a denial-of-service condition or memory corruption. Apple released iOS and macOS updates to address a medium-severity flaw, tracked as CVE-2025-43400, in font processing that could trigger a denial-of-service condition or memory corruption. The CVE-2025-43400 flaw is an out-of-bounds write […]

苹果发布iOS和macOS更新修复字体处理漏洞CVE-2025-43400，该漏洞可能导致拒绝服务或内存损坏。攻击者可利用此漏洞制作恶意字体引发应用崩溃或内存破坏，甚至可能远程执行代码控制设备。建议用户尽快更新以防范风险。

PwC found that AI security has become a top investment priority in cyber budgets over the next 12 months, ahead of cloud and network security