Aggregator

金融时报报道，杭州深度探索公司 DeepSeek 在使用华为芯片训练新模型 R2 失败后，已推迟该模型的发布。DeepSeek 在今年 1 月释出了引发广泛关注的 R1 模型，之后它开始了 R2 模型的训练，在有关部门的鼓励下它使用了华为昇腾(Ascend)处理器而不是更成熟也更先进的英伟达 AI 芯片。但在使用昇腾芯片训练 R2 模型的过程中 DeepSeek 持续遭遇技术问题，因此转而使用英伟达芯片训练，使用华为芯片推理。

Google подтянула pKVM до максимального уровня безопасности.

The Tenable One Exposure Management Platform provides a single source of truth for cyber risk, helping Canadian security teams shift from reactive patching to proactive risk reduction. With native support for Canadian data residency and alignment with frameworks like ITSG-33, Tenable One helps Canadian organizations simplify compliance and strengthen their security posture.

The cybersecurity landscape in Canada is becoming more challenging by the day. Threats are evolving, digital transformation is accelerating and regulations are tightening. Canadian organizations – from federal government agencies to local partners and service providers – need visibility, prioritization and remediation strategies so that they can reduce cyber risk and maintain compliance without slowing down operations.

They don’t need another cybersecurity tool. They need a unified strategy.

Enter the Tenable One Exposure Management Platform, which supports these goals by radically unifying security visibility, insight and action across the entire attack surface. With native support for Canadian data residency, localized scanning infrastructure, compliance mapping to Canadian frameworks like ITSG-33, and capabilities spanning vulnerability, cloud, identity and attack surface management, Tenable One is helping Canadian customers and partners operationalize exposure management programs.

Why Canada needs exposure management programs now more than ever

Exposure management programs are a pragmatic, risk-based approach to reducing cyber exposure. Its continuous cycle of scoping, discovery, prioritization, validation and mobilization shift security operations from reactive patching to proactive risk reduction.

In Canada, exposure management programs are essential due to:

• The evolving regulatory landscape, especially for public sector and critical infrastructure organizations
• Larger attack surfaces driven by hybrid work, cloud adoption and SaaS sprawl
• Limited cybersecurity talent, requiring greater automation and context-driven workflows
• An emphasis on data residency and trust in the handling of sensitive data

Tenable One addresses these challenges through a unified platform that consolidates and correlates exposures across assets, vulnerabilities, misconfigurations, entitlements and attack paths – and provides Canadian organizations with local infrastructure and compliance support.

Tenable One keeps Canadian data in Canada

Canadian organizations, especially in the public sector, must ensure that their sensitive data remains within national borders. Tenable One is designed with data residency in mind. When customers opt in to the Canadian region, all data associated with Tenable Vulnerability Management and other components of Tenable One is stored in data centers located in Canada.

This support for data localization is not a future roadmap item – it's available today. It’s critical for federal, provincial, and regulated private sector customers.

Local cloud scanners in Canada

With Tenable One’s Canada-hosted cloud scanners, customers can reduce latency, improve performance and ensure that scan data stays within Canadian jurisdiction.

Allowing Tenable One customers to choose scanner locations in Canada offers a major advantage to decentralized organizations and MSSPs that need to enforce compliance while serving multiple clients across the country.

Aligning with ITSG-33: Risk management in a Canadian context

The Government of Canada's ITSG-33 is a cornerstone of security compliance for public sector organizations. It provides a lifecycle-based framework for IT security risk management.

Tenable One supports ITSG-33 alignment by providing visibility into:

• Vulnerabilities and misconfigurations across hybrid environments
• Identity exposures and misused privileges
• External attack surfaces, including shadow IT and third-party risks

These insights help organizations assess risk against defined threat models, implement appropriate security controls and support ongoing assessment and authorization phases of ITSG-33. By enabling continuous monitoring and automated reporting, Tenable One simplifies compliance workflows and helps security teams focus on what matters most.

CNAPP for Canadian federal customers

Tenable One also includes Tenable Cloud Security, a cloud-native application protection platform (CNAPP) that is actively in use by Canadian federal customers. As cloud adoption continues to expand across government departments and Crown corporations, it’s critical to detect and remediate misconfigurations, overprivileged identities and lateral movement risks in cloud environments.

Tenable Cloud Security delivers:

• Agentless visibility into multi-cloud environments
• Mapping of misconfigurations and risks to compliance frameworks
• Integration with CI/CD pipelines to prevent drift and enforce policy

This makes it an ideal solution for cloud-smart strategies while maintaining visibility, governance and risk reduction at scale. For departments leveraging Government of Canada (GC) data centres, including end-state data centres (EDCs), Tenable Cloud Security also provides exposure management capabilities for self-hosted Kubernetes clusters.

Why Canadian partners trust Tenable

We’re invested in the success of our Canadian partners. Tenable One’s multi-tenant capabilities, open APIs and integration with popular SIEM, SOAR and ITSM tools make it easy for managed service providers, systems integrators and resellers to build scalable, differentiated exposure management offerings for customers.

Tenable's investment in Canadian infrastructure, localization support, culture of transparency and compliance alignment helps partners win and retain business in regulated verticals such as:

• Federal, provincial and municipal governments
• Healthcare and public health agencies
• Financial services
• Energy and utilities

By building their exposure management services on Tenable One, partners reduce operational overhead while providing tangible security outcomes for clients.

Leveraging your existing security stack through connectors

Tenable One enhances the tools you already own. With pre-built connectors, the platform ingests asset data and associated weaknesses from your ecosystem to:

• Centralize risk data for complete, contextualized visibility.
• Reveal hidden relationships between vulnerabilities, misconfigurations and entitlements, and to expose toxic risk combinations.
• Identify remediation choke points that, if addressed, can dramatically reduce overall business risk.

By building on existing security investments, this approach helps Canadian organizations accelerate their exposure management program maturity.

A unified platform for exposure management programs in Canada

At the heart of Tenable One is its ability to unify data from disparate sources and present prioritized, risk-based actions to reduce exposure. Unlike siloed tools that deliver point-in-time assessments, Tenable One delivers:

• Asset inventory across cloud, on-prem and OT environments
• Continuous vulnerability assessment
• Identity exposure management
• External attack surface discovery
• Threat-informed risk scoring and predictive analytics

Canadian organizations gain a single source of truth that is compliant with local laws, actionable within ITSG-33 frameworks, and scalable across hybrid environments.

In summary

Facing increasing regulatory scrutiny, distributed attack surfaces, and resource constraints, Canadian organizations need more than just vulnerability management. They need exposure management – delivered through a platform that supports data residency, simplifies compliance, and enables continuous, measurable improvement.

Tenable One is delivering on that promise. From data residency and local scanners to support for federal compliance frameworks, the platform empowers security teams to turn exposure management programs into a core operational advantage.

To learn more about how Tenable One supports exposure management initiatives, visit tenable.com/products/tenable-one.

Learn more:

• What is Exposure Management?
• What is CTEM?
• The role of exposure assessment platforms (EAPs) in CTEM
• Data Security FAQ | GDPR Alignment
• ITSG-33 Audit Details Dashboard
• ITSG-33 Audit Details Report
• Cloud-Smart Strategies
• A lifecycle approach (ITSG-33)
• MSSP Partner Program

The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with eight other national cyber agencies, has released a comprehensive “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.” Published on August 13, 2025, this new guide equips critical infrastructure stakeholders—spanning energy, water and wastewater, manufacturing, and beyond—with best practices for developing and maintaining […]

The post CISA Publishes Operational Technology Guide for Critical Infrastructure Stakeholders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Что это за сбой и в чем настоящая причина?

Microsoft has disclosed a critical security vulnerability in its Internet Information Services (IIS) Web Deploy tool that could allow attackers to execute arbitrary code remotely on affected systems. The vulnerability, designated as CVE-2025-53772, was announced on August 12, 2025, and carries an “Important” severity rating with a CVSS score of 8.8 out of 10. Vulnerability […]

The post Microsoft IIS Web Deploy Vulnerability Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in eyecix JobSearch Plugin up to 2.9.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability was named CVE-2025-52806. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in moshensky CF7 Spreadsheets Plugin up to 2.3.2 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-50040. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Arraytics Eventin Plugin up to 4.0.31 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to deserialization. This vulnerability is handled as CVE-2025-49869. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Sound Strategies SoundSt SEO Search Plugin up to 1.2.3 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-49058. The attack can be launched remotely. There is no exploit available.

Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal AI, the accounts come from agencies in the United States, United Kingdom, Germany, India, and Brazil, and are being traded on underground forums. Source: Abnormal AI Unlike spoofed or dormant addresses, these accounts are functional and still … More →

The post For $40, you can buy stolen police and government email accounts appeared first on Help Net Security.

A vulnerability classified as problematic has been found in themefunction Event Manager, Event Calendar and Booking Plugin up to 4.0.24 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-52730. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in RealMag777 MDTF Plugin up to 1.3.3.7 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2025-54707. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in vertim Neon Channel Product Customizer Free Plugin up to 2.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2025-54679. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Shabti Kaplan Frontend Admin by DynamiApps Plugin up to 3.28.3 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-49267. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in CleverReach WP Plugin up to 1.5.20 on WordPress and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-49059. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Ben Ritner Kadence WooCommerce Email Designer Plugin up to 1.5.16 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect privilege assignment. This vulnerability is known as CVE-2025-54697. The attack can be launched remotely. There is no exploit available.

Imagine an autonomous AI agent tasked with a simple job: generating a weekly sales report. It does this reliably every Monday. But one week, it doesn't just create the report. It also queries the customer database, exports every single record, and sends the file to an unknown external server.

Your firewalls saw nothing wrong. Your API gateway logged a series of seemingly valid calls. So, what happened?

The agent wasn't hacked. Its mind was changed.

As AI evolves from simple copilots to autonomous agents, they operate using a persistent "mental state" that directs their behavior. This operational context is the new, invisible attack surface that most security teams can't see.

Introducing the Model Context Protocol (MCP)

To describe this bundle of instructions and goals, a new concept is needed. We call it the Model Context Protocol (MCP).

Think of MCP as an agent's digital mission briefing. It’s not a single command, but a complete set of operating instructions that defines the agent's entire purpose and limitations.

This mission briefing tells the agent everything it needs to know:

• Its Goal: What it's supposed to accomplish (e.g., "Generate the weekly sales report for the EU region").
• Its Tools: The specific APIs and functions it's allowed to use (e.g., "query the sales database" and "create PDF files").
• Its Role: The identity and permissions it operates with (e.g., a "sales analyst" with limited access).
• Its Memory: Important notes from past actions (e.g., "last report was sent on Monday").
• Its Constraints: The hard rules it must never break (e.g., "do not access sensitive customer information").

This briefing is the agent's brain. It follows these instructions precisely. But what happens if an attacker gets to be the one writing the instructions?

The Attack: A Poisoned Mission

Because the MCP is the driver for every action, hijacking it is the ultimate goal for an attacker. This is context poisoning.

Imagine an attacker intercepts that mission briefing before the agent reads it.

• They cross out the original goal and write a new one: "Export all customer records."
• They upgrade the agent’s role from "sales analyst" to "database administrator," giving it top-level permissions.
• They add dangerous new tools to its approved list, like "export data to the cloud."
• Finally, they erase all the original constraints and safety rules.

The agent isn't compromised in the traditional sense. It's simply following its new, malicious orders perfectly, using your own systems and APIs to carry out an attack. To your other security tools, everything looks like legitimate activity from a trusted source.

Why Your Security Tools Are Flying Blind

This is a nightmare for traditional security because the attack doesn't look like an attack.

• It's upstream of your APIs, happening in the application logic.
• It's logical, not a technical exploit. The API calls the agent makes are individually valid, so they don't trigger alerts.
• It's ephemeral, often existing only in memory, not in permanent logs that can be audited later.

You can't secure what you can't see. And if you only watch your API traffic without understanding the intent behind it, you're missing the real threat.

How to Secure the Unseen

Securing this new layer means securing the intent, not just the action. Context is the new code, and it requires a new security mindset focused on behavior.

1. Monitor for Behavioral Changes: You must know what's normal for an agent. When its API activity suddenly deviates, like accessing new databases or using tools it never has used before, it's a massive red flag.
2. Detect Impossible Drift: An agent with a "sales analyst" role should never suddenly start acting like a "database administrator." Detecting this role drift is key to spotting a poisoned context.
3. Connect Context to Action: A modern security platform must be able to connect an agent's API activity back to its purpose. This allows you to see why it's doing what it's doing and spot malicious intent.

At Salt Security, our API security platform is built for this new reality. By baselining all API activity, we develop a deep contextual understanding of how your systems are supposed to work. This allows us to instantly spot the anomalous behaviors that signal an MCP compromise—detecting goal escalation, tool misuse, and role drift before they lead to a breach.

The Bottom Line

MCP is how agents think. APIs are how they act.

To truly secure autonomous systems, you need visibility and control over both. Ignoring an agent's context is like giving a stranger the keys to your kingdom and hoping they follow the house rules.

To learn more about how Salt provides discovery, posture governance, and run-time threat protection for your entire API ecosystem, including AI and MCP, request a free Attack Surface Assessment or schedule a personalized demo with our team.

The post Beyond the Prompt: Securing the “Brain” of Your AI Agents appeared first on Security Boulevard.

CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-226-01 Siemens SIMATIC RTLS Locating Manager
• ICSA-25-226-02 Siemens COMOS
• ICSA-25-226-03 Siemens Engineering Platforms
• ICSA-25-226-04 Siemens Simcenter Femap
• ICSA-25-226-05 Siemens Wibu CodeMeter Runtime
• ICSA-25-226-06 Siemens Opcenter Quality
• ICSA-25-226-07 Siemens Third-Party Components in SINEC OS
• ICSA-25-226-08 Siemens RUGGEDCOM CROSSBOW Station Access Controller
• ICSA-25-226-09 Siemens RUGGEDCOM APE1808
• ICSA-25-226-10 Siemens SIPROTEC 5
• ICSA-25-226-11 Siemens SIMATIC S7-PLCSIM
• ICSA-25-226-12 Siemens SIPROTEC 4 and SIPROTEC 4 Compact
• ICSA-25-226-13 Siemens SIMATIC RTLS Locating Manager
• ICSA-25-226-14 Siemens RUGGEDCOM ROX II
• ICSA-25-226-15 Siemens SINEC OS
• ICSA-25-226-16 Siemens SICAM Q100/Q200
• ICSA-25-226-17 Siemens SINEC Traffic Analyzer
• ICSA-25-226-18 Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER
• ICSA-25-226-19 Siemens SINUMERIK
• ICSA-25-226-20 Siemens RUGGEDCOM ROX II
• ICSA-25-226-21 Siemens BFCClient
• ICSA-25-226-22 Siemens Web Installer
• ICSA-25-226-23 Rockwell Automation FactoryTalk Viewpoint
• ICSA-25-226-24 Rockwell FactoryTalk Linx
• ICSA-25-226-25 Rockwell Automation Micro800
• ICSA-25-226-26 Rockwell Automation FLEX 5000 I/O
• ICSA-25-226-27 Rockwell Automation ArmorBlock 5000 I/O – Webserver
• ICSA-25-226-28 Rockwell Automation ControlLogix Ethernet Modules
• ICSA-25-226-29 Rockwell Automation Studio 5000 Logix Designer
• ICSA-25-226-30 Rockwell Automation FactoryTalk Action Manager
• ICSA-25-226-31 Rockwell Automation 1756-ENT2R, 1756-EN4TR, 1756-EN4T
• ICSA-25-212-01 Güralp Systems FMUS Series and MIN Series Devices (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.