Aggregator

此举填补了公共服务AI风险保障空白。

供应链安全防护厂商Socket发布专项报告，正式确认Docker Hub官方镜像仓库已出现恶意篡改的Trivy污染制品包。

认可加持✅ 锦行科技入选2026深圳网络安全全景图，覆盖6大领域、20+细分赛道，深耕安全，守护数字防线。

Знакомые инструменты администрирования превратились в опасное оружие.

Microsoft released an emergency update to fix the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to installation issues. [...]

JPCERT/CC hosted JSAC2026 from January 21 to 23, 2026. JSAC is an annual conference dedicated to advancing the capabilities of security analysts by fostering the exchange of technical knowledge and operational insights related to incident analysis and response. Now in...

Rust has been gaining attention in recent years as a language expected to replace C and C++, due to its memory safety and high performance. While Rust continues to be adopted as a programming language, malware developed using Rust (hereinafter...

Привычные радиоканалы забиты трафиком под завязку. Но решение есть…

Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the threat landscape. Ranjan Singh, Chief Product and Technology Officer at Mimecast, outlines how the company’s API-based approach delivers protection on par with a traditional Secure Email Gateway without requiring infrastructure changes, and why that … More →

The post Mimecast makes enterprise email security deployable in minutes appeared first on Help Net Security.

有一种分析师，我见过很多。给他一份材料，5分钟内他就能给出一个清晰有力的结论，语气笃定，逻辑流畅，听上去无懈

冷战时代的情报体系有一个核心假设：信息本身就是权力。藏得越深，知道得越多，优势越大。于是整个系统围绕着"保密

朝鲜公开特战部队高强度表演，特种作战与心理威慑叠加可能刺激周边军备对冲（资料编码260331590，11页，

很多人看国际新闻，最容易跳过去的一部分，就是那些官方声明。因为确实太像套话了。" 高度关注。" " 严重关切。

Axios npm包遭供应链投毒，恶意版本植入RAT木马窃取凭据，请速排查处置。

Увиденное в квартире взломщика совсем не походило на добычу профессионального вора.

Mercor AI has officially confirmed a severe data breach following claims by the notorious Lapsus$ hacking group that they stole 4 terabytes of sensitive company data. The incident, stemming from a recent supply chain attack on the open-source LiteLLM project, has exposed proprietary source code, internal databases, and massive amounts of user-verification data. The hacking […]

The post Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft appeared first on Cyber Security News.

Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the Financial Services Sector Coordinating Council lays out the scale of the problem and calls on federal and state policymakers to act across various areas. Deepfake incidents in the fintech sector increased 700% in 2023 compared to 2022. … More →

The post Financial groups lay out a plan to fight AI identity attacks appeared first on Help Net Security.

欢迎订阅《中国信息安全》杂志！

当前，具身智能作为人工智能从虚拟世界迈向物理世界的核心形态，正成为全球科技竞争的制高点和未来产业发展的新引擎，更是我国培育新质生产力、抢占科技革命与产业变革先机的关键领域。