Aggregator

You must login to view this content

You must login to view this content

You must login to view this content

A malicious npm package named undicy-http has surfaced inside the Node.js developer ecosystem, quietly compromising machines of developers who mistakenly install it. The package impersonates undici, the official HTTP client library bundled with Node.js that handles millions of weekly downloads. Despite sharing a near-identical name, undicy-http contains zero HTTP client functionality. Instead, it launches a two-stage attack capable of stealing […]

The post New npm Supply Chain Attack Uses undicy-http to Deploy Screen-Streaming RAT and Browser Injector appeared first on Cyber Security News.

3月20日，中关村网络安全与信息化产业联盟第三届第三次会员大会暨年度工作会顺利召开。会上，联盟对2025年度在各项工作中表现突出的会员单位进行了致谢，并公布了多项先进单位名单。梆梆安全凭借在网络安全领域的持续深耕，以及在推动产业协同发展方面的积极贡献，荣膺“2025年度联盟最佳合作伙伴单位”。

网络安全是数字时代的重要安全底座，关乎数字中国建设的根基与命脉。当前，我国网信产业正加速迈入法治化、规范化发展的新阶段，各类新技术、新应用在释放创新活力的同时，也伴生了新的安全风险与防护挑战。

面对日益复杂的网络威胁形势，梆梆安全深刻认识到生态协同在筑牢安全防线中的关键作用，持续深度参与联盟组织的产业交流、技术研讨、行业沙龙及网络安全科普活动。

携手联盟专家开展技术交流，深入产业一线走访调研，精准对接业务需求，为深化产业协同、实现合作共赢奠定坚实基础。

持续参与联盟“前锋汇”等系列活动，积极贡献行业智慧与实践经验，赋能产业发展，彰显企业责任与专业担当。

亮相《大咖聊网安》第一季，围绕网络文明素养与手机安全防范展开深度分享，持续引发广泛关注，助力公众提升网络安全意识，共筑清朗网络空间。

在“e网揭密・安全科普课堂”社区反诈活动中，梆梆安全结合真实案例剖析新型诈骗手法，为居民提供实用防范建议与手机安全使用指南，助力公众提升反诈意识与自我防护能力。

积极响应联盟“赤心向党”红色家书朗读活动，以党建引领传承红色基因，将革命精神融入网信事业，激发创新发展红色动能。

2026年是“十五五”开局之年，网信产业迎来战略机遇期。梆梆安全将紧扣国家网络安全战略部署，持续优化产品与服务体系，深化产业生态协同，积极输出安全实践经验与技术创新成果。未来，公司将进一步强化与联盟及成员单位的紧密合作，以更高质量的安全能力支撑行业稳健发展。

Egnyte has announced two major additions to the Egnyte Content Cloud: AI Safeguards, which give organizations granular control over how AI interacts with sensitive content, and an AI Assistant that acts as a built-in collaborator across Egnyte workspaces. AI Safeguards As organizations accelerate AI adoption, ungoverned access to sensitive content by AI systems represents a growing and underappreciated risk. Egnyte’s AI Safeguards addresses this directly by embedding AI controls into the same platform that already … More →

The post Egnyte expands Content Cloud with AI Governance and built-in Assistant appeared first on Help Net Security.

Two high-severity vulnerabilities have been discovered in libpng, the widely used reference library for reading and writing PNG images. These flaws allow attackers to trigger process crashes, leak sensitive information, and potentially execute arbitrary code by convincing a system to process a crafted PNG file. The vulnerabilities affect any software that parses malformed images, making […]

The post PNG Vulnerabilities Allow Attackers to Trigger Process Crashes, Leak Sensitive Information appeared first on Cyber Security News.