Aggregator
【安全圈】美国政府命令 Anthropic 暂停向外国公民提供 Fable 5 和 Mythos 5 访问权限
【安全圈】现实版黑客训练场!FBI 重金搭建肉鸡小镇:200 台服务器随便黑
【安全圈】飞书崩了!!!
Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise
Как собрать ролевую модель доступа при хаосе в инфраструктуре
Названа ещё одна возможная причина запрета Fable 5 от Anthropic. И она звучит вполне убедительно
人类管理推动水稻产量过去五十年翻倍
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
JVN: OpenSSLにおける脆弱性に対するアップデート(2026年6月9日)
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
内存成本占到了手机成本的五成以上
Onspring CISO on where automated GRC systems fall short
In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their tools, and which risks resist measurement, such as insider behavior and vendor concentration. Continuous control monitoring tools tend to produce a green-yellow-red mosaic that flattens nuance. When a CISO walks into a board meeting with … More →
The post Onspring CISO on where automated GRC systems fall short appeared first on Help Net Security.
Дискриминация, чертежи оружия и поддельные фото. За что бывший инженер подал в суд на компанию Илона Маска
Open-source CI/CD abuse detector guards against stolen credential attacks
CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure DevOps. The project targets a common attack chain in software supply chain compromises. Stolen developer credentials are used to push modifications to workflow files, which then harvest secrets stored in the CI environment. The detector … More →
The post Open-source CI/CD abuse detector guards against stolen credential attacks appeared first on Help Net Security.