Что скрывают 2087 сверхновых? Намеки на конец эпохи вечного расширения
Сверхновые намекнули, что вечное расширение отменяется…
Aggregator
Scavenger Malware Compromises Popular npm Packages to Target Developers
9 months ago
The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. The maintainer later confirmed via social media that their npm account was compromised through a phishing email, affecting several packages including eslint-config-prettier versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7; eslint-plugin-prettier versions […]
The post Scavenger Malware Compromises Popular npm Packages to Target Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
INC
9 months ago
You must login to view this content
cohenido
INC
9 months ago
You must login to view this content
cohenido
INC
9 months ago
You must login to view this content
cohenido
INC
9 months ago
You must login to view this content
cohenido
Russian Threat Actors Target NGOs with New OAuth Phishing Tactics
9 months ago
A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes
Crypto24
9 months ago
You must login to view this content
cohenido
SharePoint under fire: new ToolShell attacks target enterprises
9 months ago
While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus acors. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Servers. The IT giant issued emergency patches for SharePoint Subscription Edition and 2019, with 2016 updates pending. Microsoft […]
Pierluigi Paganini
Exclusive! Threat Intelligence That Powers Best SOCs Worldwide Is Now Free
9 months ago
Quality threat intelligence has traditionally been the domain of enterprise-level budgets and premium subscriptions. The kind of fresh, actionable data that transforms how SOCs operate has remained frustratingly out of reach for many organizations. Until now. A Game-Changing Opportunity For Your Security Operations ANY.RUN has just made an unprecedented move that will reshape how security […]
The post Exclusive! Threat Intelligence That Powers Best SOCs Worldwide Is Now Free appeared first on Cyber Security News.
Sweta Bose
ICM Document Solutions Falls Victim to Kawa4096 Ransomware
9 months ago
ICM Document Solutions Falls Victim to Kawa4096 Ransomware
Dark Web Informer - Cyber Threat Intelligence
Lynx
9 months ago
You must login to view this content
cohenido
SecWiki News 2025-07-22 Review
9 months ago
HackingTeam被攻陷全纪录 by ourren
如何准确溯源归因攻击者—普华永道的比较归因框架 by ourren
AsyncRAT分析与网空测绘 by ourren
DARPA 2026年度预算重点项目清单 by ourren
国家自然科学基金委员会2024年度报告 by ourren
互联网域间路由系统的关键挑战与技术创新白皮书 by ourren
更多最新文章,请访问SecWiki
如何准确溯源归因攻击者—普华永道的比较归因框架 by ourren
AsyncRAT分析与网空测绘 by ourren
DARPA 2026年度预算重点项目清单 by ourren
国家自然科学基金委员会2024年度报告 by ourren
互联网域间路由系统的关键挑战与技术创新白皮书 by ourren
更多最新文章,请访问SecWiki
Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups
9 months ago
Linen Typhoon, Violet Typhoon and Storm-2603 are behind the initial attack spree that erupted over the weekend. Other threat groups are now following suit.
The post Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups appeared first on CyberScoop.
Matt Kapko
Iranian Hackers Target Global Airlines to Steal Sensitive Data
9 months ago
APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian company Amnban, Sharif Advanced Technologies, in a significant cybersecurity incident. Launched in 2018 with credentials from Sharif University and Amir Kabir alumni, Amnban presented itself as a legitimate penetration testing […]
The post Iranian Hackers Target Global Airlines to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Firefox 141 释出
9 months ago
Mozilla 释出了 Firefox 141.0。主要新特性包括:自动管理标签页,本地 AI 模型能识别相似的标签页自动组织成组,甚至能为名称提供建议,这些信息都保存在本地不会泄漏到网上;垂直标签用户可以调整侧边栏底部工具区域的大小;Linux 版本减少了内存占用,通过包管理器更新后不会强制重新启动;向巴西、西班牙和日本用户启用地址自动填充功能;地址栏可用作单位转换器,支持长度、温度、质量、力和角度测量单位以及时区;Windows 版本启用 WebGPU API,等等。
Хакеры выбирают Европу — континент превратился в цифровую мишень №1
9 months ago
Кибератаки обрушились на компании с невиданной силой — 1984 удара в неделю.
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
9 months ago
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports.
The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well to obtain initial access to
The Hacker News
Sophos security advisory (AV25-443)
9 months ago
Canadian Centre for Cyber Security
科学家利用月球土壤取水
9 months ago
数十年来,航天机构一直提出将月球作为探索宇宙深处的前哨基地的想法。然而为月球基地提供足够的资源尤其是水以支持居民生活,一直是极大的障碍。根据研究,通过火箭运输一加仑水的成本约为 8.3 万美元,而每位宇航员每天大约需要饮用 4 加仑水。香港中文大学王璐团队开发了一种技术,既能从月球土壤中提取水,又能直接利用这些水将宇航员呼出的二氧化碳转化为一氧化碳和氢气,进而用于制造燃料和供宇航员呼吸的氧气。这项技术通过一种新颖的光热策略实现了这一目标,即将太阳光转化为热能。科学家们使用嫦娥任务收集的月壤样本、模拟月球样本和一个充满二氧化碳气体的批量处理反应器测试了这项技术,该反应器使用光聚焦系统来驱动光热过程。研究团队使用钛铁矿(一种重质黑色矿物,也是月球土壤中报告的几种含水矿物之一)来测量光热活性,并分析该过程的机制。尽管实验室取得了成功,但研究人员强调目前的催化性能不足以完全支持人类在地球以外的环境生存。