Aggregator

Cybersecurity researchers have uncovered 11 malicious Go packages designed to download additional components from remote servers and execute them on both Windows and Linux systems. According to Socket researcher Olivia Brown, during execution the...

The post Supply Chain Alert: Malicious Go Packages Found Targeting Windows and Linux appeared first on Penetration Testing Tools.

ddos

Lynx

Dark Feed IO

4 months ago

You must login to view this content

cohenido

法航荷航遭袭泄露客户资料，谷歌成为网络攻击受害者|一周特辑

威努特工控安全

4 months ago

点击查看更多本周网络安全大事件。

容器安全小佑科技云原生安全防护平台产品介绍

信息安全知识库

4 months ago

本文链接

01 公司介绍 02 云原生安全挑战 03 产品功能与解决方案

CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks

Cyber Security News

4 months ago

A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing in early 2025, the malware has demonstrated remarkable adaptability and technical sophistication, with activity levels […]

The post CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks appeared first on Cyber Security News.

Tushar Subhra Dutta

DARPA announces $4 million winner of AI code review competition at DEF CON

The Record

4 months ago

The winner announced on Friday at the DEF CON cybersecurity conference, known as Team Atlanta, is composed of tech experts from Georgia Tech, Samsung Research, the Korea Advanced Institute of Science & Technology (KAIST) and the Pohang University of Science and Technology (POSTECH).

Your Code Is Not Safe: Malicious NPM Packages Are Deleting Files

Penetration Testing Tools - Metepreter.org

4 months ago

Two malicious packages have been discovered in the NPM ecosystem, disguised as libraries for building bots and automated services using the WhatsApp Business API. Identified by researchers at Socket, these modules mimicked popular WhatsApp...

The post Your Code Is Not Safe: Malicious NPM Packages Are Deleting Files appeared first on Penetration Testing Tools.

ddos

DARPA’s AI Cyber Challenge reveals winning models for automated vulnerability discovery and patching

CyberScoop

4 months ago

The initiative seeks to patch vulnerabilities in open-source code before they are exploited by would-be attackers. Now comes the hard part — putting the systems to the test in the real world.

The post DARPA’s AI Cyber Challenge reveals winning models for automated vulnerability discovery and patching appeared first on CyberScoop.

Matt Kapko

French firm Bouygues Telecom suffered a data breach impacting 6.4M customers

Security Affairs

4 months ago

Bouygues Telecom suffered a cyberattack that compromised the personal information of 6.4 million customers. French telecommunications company Bouygues Telecom suffered a cyberattack that resulted in the compromise of personal information of 6.4 million customers. Bouygues Telecom, part of the Bouygues industrial group, is one of France’s leading telecom providers, offering mobile, internet, and IPTV services. […]

Pierluigi Paganini

New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data

Cyber Security News

4 months ago

A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to harvest sensitive credentials and financial information. This fileless malware variant represents a significant evolution in stealer technology, employing advanced evasion techniques and multi-stage deployment mechanisms that make detection particularly challenging […]

The post New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data appeared first on Cyber Security News.

Tushar Subhra Dutta

KrebsOnSecurity in New ‘Most Wanted’ HBO Max Series

Ransomware – Krebs on Security

4 months ago

A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy practice while attempting to extort the clinic and its patients.

BrianKrebs

KrebsOnSecurity in New ‘Most Wanted’ HBO Max Series

Krebs on Security

4 months ago

BrianKrebs

OpenAI to fix GPT-5 issues, double rate limits for paid users after outrage

Bleeping Computer.

4 months ago

OpenAI's CEO, Sam Altman, overpromised on GPT-5, and real-life results are underwhelming, but it looks like a new update is rolling out that might address some of the concerns. [...]

Mayank Parmar

CVE-2025-55188 | 7-Zip up to 25.00 Symbolic Links link following (EUVD-2025-24018)

VulDB Recent Entries

4 months ago

A vulnerability was found in 7-Zip up to 25.00. It has been classified as critical. This affects an unknown part of the component Symbolic Links Handler. The manipulation leads to link following. This vulnerability is uniquely identified as CVE-2025-55188. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Linux 6.17 Kernel Gets a Performance Boost for Gaming Laptops

Penetration Testing Tools - Metepreter.org

4 months ago

The new Linux 6.17 kernel introduces a unified standard for the so-called “performance button” increasingly found on gaming laptops. This key now has an assigned unique code—KEY_PERFORMANCE—allowing Linux systems to properly recognize it and...

The post Linux 6.17 Kernel Gets a Performance Boost for Gaming Laptops appeared first on Penetration Testing Tools.

ddos

Aggregator

Managed ad