Aggregator

JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed. About CVE-2025-53690 CVE-2025-53690 is a ViewState deserialization vulnerability that affects any version of Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud. Deployed instances are affected by this vulnerability if they have been deployed by using a sample machine key that has been … More →

The post Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) appeared first on Help Net Security.

Лаборатория будет помогать всем  — от юристов до спонсоров open source.

Теперь у Jaguar Land Rover есть свежий контент в Telegram-канале хакеров.

关键词安全漏洞安全公司 ReversingLabs 发文，透露微软 VS Code 插件市场存在一项 " 鸠占

关键词安全漏洞科技媒体 Windows Report 昨日（9 月 1 日）发布博文，报道称微软承认 Wind

关键词网络攻击近年来，随着无人机在航拍、物流、农业等领域的广泛应用，相关的安全问题也日益凸显。

By Ivan Novikov and Stepan Ilyin When we started Wallarm, we focused on the APIs that power modern apps. We built an API-first platform, used AI from day one, and secured early patents in behavior-based detection and automated policy creation. The result: real-time, inline blocking with automatic API discovery that protects production, not just dashboards. [...]

The post Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next appeared first on Wallarm.

The post Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next appeared first on Security Boulevard.

最近的AI圈，简直比好莱坞大片还精彩。

 Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions, could allow remote attackers to execute code, change settings, disable systems, or steal sensitive data. A firmware update is available now, and affected organizations are […]

The post Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

建议立即更新

攻击详情未公开

A new cyber-attack, dubbed “Grokking,” is exploiting features on the social media platform X to spread malicious links on a massive scale. Scammers are manipulating the platform’s advertising system and its generative AI, Grok, to bypass security measures and amplify harmful domains. This technique turns X’s own tools into unwilling accomplices in a widespread malvertising […]

The post Hackers Leverage X’s Grok AI To Amplify Malicious Links Via Promoted Posts appeared first on Cyber Security News.

Hikvision HikCentral flaw allows unauthenticated users to gain admin rights, risking full control over configs, logs, and critical monitoring. Security researchers warn of three vulnerabilities impacting Hikvision HikCentral, which is a centralized management software used across many industries for video surveillance, access control, and integrated security operations. The three vulnerabilities are: One of them was […]

Выкладываешь фреймворк на GitHub — просыпаешься, а он уже в цепочке атак.

Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects millions of users attempting to install or repair applications. The Core Issue The bug emerged following Microsoft’s August 2025 […]

The post Microsoft Confirms UAC Bug Disrupts App Installation on Windows 10 & 11 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

只有构建系统应对机制，提升网络暴力信息风险治理的法治化、科学化和现代化水平，投入专业力量，尽早介入，落实“首办责任制”，才能真正避免“按键伤人”。

当前主流的人工智能系统大多依赖于机器学习算法，而数据作为其核心驱动力，既支撑着模型的性能，也带来了数据泄露和隐私侵犯的隐忧。因此，如何在保障数据安全和用户隐私的前提下有效释放数据价值，成为人工智能发展的重大课题。