Aggregator
拥抱下一代网络安全人才
拥抱下一代网络安全人才
PureHVNC RAT Developers Exploit GitHub to Spread Pure Malware Source Code
The developers behind the PureHVNC remote access trojan (RAT) have been uncovered using GitHub repositories to host critical components and plugin source code for their Pure malware family. Check Point Research’s recent forensic analysis of an eight-day ClickFix intrusion campaign reveals that PureHVNC’s command-and-control (C&C) server delivered GitHub URLs to infected machines, a practice previously […]
The post PureHVNC RAT Developers Exploit GitHub to Spread Pure Malware Source Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
白垩纪兽脚类恐龙奔跑时速能达到 45 公里
253 смартфона, ноль телеметрии Google и собственное облако. Вышла /e/OS 3.1 — мобильная система для тех, кто устал от слежки
You May Have to Wait a Little Longer for That Jaguar in the UK as Cyberattack Continues to Hamper Production
You May Have to Wait a Little Longer for That Jaguar in the UK as Cyberattack Continues to Hamper Production
Jaguar Land Rover’s prolonged plant shutdown after a ransomware attack by Scattered Lapsus$ Hunters highlights the urgent need for cyber resilience. Experts stress leadership, supply chain security, and cultural commitment to cybersecurity as key to surviving modern attacks.
The post You May Have to Wait a Little Longer for That Jaguar in the UK as Cyberattack Continues to Hamper Production appeared first on Security Boulevard.
Linux Kernel’s KSMBD Subsystem Vulnerability Let Remote Attackers Exhaust Server Resources
A denial-of-service flaw in the Linux kernel’s KSMBD (SMB Direct) subsystem has raised alarms across the open-source community. Tracked as CVE-2025-38501, the issue allows a remote, unauthenticated adversary to exhaust all available SMB connections by exploiting the kernel’s handling of half-open TCP sessions. Key Takeaways1. CVE-2025-38501 lets attackers exhaust KSMBD connections via half-open TCP handshakes.2. […]
The post Linux Kernel’s KSMBD Subsystem Vulnerability Let Remote Attackers Exhaust Server Resources appeared first on Cyber Security News.
Massive “Shai-Halud” Supply Chain Attack Compromised 477 NPM Packages
A large-scale supply chain attack dubbed “Shai-Halud” that infiltrated the JavaScript ecosystem via the npm registry. In total, 477 packages, including packages from CrowdStrike, were found to contain stealthy backdoors and trojanized modules designed to siphon credentials, exfiltrate source code, and enable remote code execution (RCE) on developer machines. Key Takeaways1. Obfuscated backdoors hit 477 npm packages […]
The post Massive “Shai-Halud” Supply Chain Attack Compromised 477 NPM Packages appeared first on Cyber Security News.
搬瓦工性价比 VPS “迷你鸡” 限量补货!低价 $17 每年,终身续费同价
Astrix unveils secure-by-design AI agents to help enterprises manage compliance risk
Astrix Security launched the AI Agent Control Plane (ACP), a solution designed to deploy secure-by-design AI agents across the enterprise. With ACP, every AI agent receives short-lived, precisely scoped credentials and just-in-time access based on least privilege principles, eliminating access chaos and reducing compliance risk. “Agentic threats are no longer theoretical. Recent studies show 80% of companies have already experienced unintended AI agent actions, from unauthorized system access to data leaks,” said Alon Jackson, Astrix … More →
The post Astrix unveils secure-by-design AI agents to help enterprises manage compliance risk appeared first on Help Net Security.