Aggregator

Netskope's Sanjay Beri on Data Risk, Agent Visibility and Enabling AI Safely
AI adoption has outrun enterprise security, leaving data exposed and controls nonexistent. Sanjay Beri, co-founder and CEO at Netskope, says the answer isn't restriction. It's visibility, context and a culture of enablement.

Car Hacking Village's Ghali on Automotive Security for AI-Driven Mobility Ecosystem
As vehicles evolve into connected, software-defined systems, cybersecurity risks now extend beyond the car itself. Kamel Ghali, vice president at Car Hacking Village, explains why threat modeling, AI safety and ecosystemwide visibility are critical in modern automotive security.

Rain Capital's Lefort on Overcapitalization and Cybersecurity's Barbell Effect
Cybersecurity funding hit all-time highs in 2025, rivaling the 2021 boom, said Sidra Ahmed Lefort, venture partner at Rain Capital. A "barbell effect" has taken hold, with capital concentrating at the earliest and latest stages while squeezing the Series cB and C middle.

Costanoa Ventures' John Cowgill on Moving From Static Analysis to Runtime Defense
Artificial intelligence-generated code is arriving faster than security teams can review it, and the risks are moving from the line level to the system level, says John Cowgill, partner at Costanoa Ventures.

Исследование с участием James Webb меняет взгляд на связь атмосферы и магнитного поля у газовых гигантов.

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet.

Случайно открытый черновик рассказал о модели, которая обходит прежний флагман и пока пугает даже собственных создателей

Попытка сэкономить на экспертах превращается в рискованный билет в один конец.

A vulnerability labeled as problematic has been found in Langflow. Affected is an unknown function of the component v2 API. Such manipulation leads to path traversal. This vulnerability is documented as CVE-2026-33309. The attack requires being on the local network. There is not any exploit available.

A vulnerability classified as critical has been found in Tabs Mail Carrier 2.5.1. Affected by this vulnerability is an unknown functionality of the component SMTP Service. The manipulation of the argument MAIL FROM leads to out-of-bounds write. This vulnerability is referenced as CVE-2019-25646. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in langflow-ai langflow up to 1.8.x. It has been declared as problematic. The impacted element is an unknown function. The manipulation results in injection. This vulnerability is reported as CVE-2026-33475. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in langflow-ai langflow up to 1.8.1. Affected is an unknown function of the file /api/v2/files/ of the component Incomplete Fix CVE-2025-68478. Performing a manipulation results in path traversal. This vulnerability is known as CVE-2026-33309. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

Рассказываем о методах работы самой скрытной группировки последних лет.

The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers. The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers and internal communications systems. The cybercrime group added the Commission to its Tor data leak site, claiming the theft […]

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement

JCal，一个将“已故”亿万富翁 Jeffrey Epstein 的活动记录以 Google 日历形式精确呈现的创新工具。 通过这个工具，读者可以直观地一窥这位备受争议人物过去 20 多年的日常安排，包括航班、会议、旅行、约会以及与各种知名人士的互动。 这项技术不仅让复杂的 Epstein 文件档案变得易读易懂，也揭示了个人隐私在数字时代的脆弱性，同时引发了对如何保存和呈现历史记录的深刻反思。 “通过 JCal，Jeffrey Epstein 的每一场会议、每一次旅行都被精确地记录在 Google 日历中，仿佛他从未离开。” JCal 核心亮点 熟悉的 Google Calendar 界面： 支持日视图、周视图、月视图，以及强大的搜索功能（可按人物、事件类型或关键词过滤），操作体验与日常使用的日历工具几乎一致。 基于公开文件的真实数据： 所有事件均来源于美国司法部等机构公开释放的 Epstein 文件和邮件档案，涵盖上百个详细记录，包括航班路线（如纽约飞往西棕榈滩）、与 Ghislaine Maxwell 等人的会议、医生预约、社交聚会等。部分事件带有原始文件中的 [REDACTED] 标记，保留了档案的真实性。 交互式细节查看： 点击任意事件，即可展开额外上下文备注、相关邮件链接或原始文档，帮助用户快速理解事件背景和人际网络。 JCal (jmail[.]world/calendar)是 JMail 团队（曾推出 Epstein 邮件 Gmail 克隆工具）的又一力作，旨在让原本散落在 PDF 和扫描文件中的海量信息，以时间线的形式变得“超易读”（hyperlegible）。 无论你是研究者、记者，还是对这段历史感兴趣的普通人，都能通过这个工具更清晰地探索 Epstein 的活动时间脉络与社会连接。 这不仅仅是一个日历工具，更是一种对数字历史呈现方式的创新尝试，在便利与反思之间，留给每位访客自己的判断。 顺带一提，加上这个模块，已经完成9大模块了 Jmail、JPhotos、JDrive、JFlights、JVR、Jamazon、JeffTube、Jwiki、JCal，甚至还有一个AI对话模块，见图片。