Aggregator
New Android malware GhostSpy gives attackers full control of infected devices
Stablecoin giant Circle files for NYSE IPO at a $6.7 billion valuation
Zscaler Expands AI-Driven Security Operations with Red Canary Acquisition
Zscaler Inc. announced on May 27, 2025, a definitive agreement to acquire Red Canary, a leading Managed Detection and Response (MDR) company, in a strategic move to enhance its AI-powered security operations capabilities. The acquisition combines Zscaler’s Zero Trust Exchange platform with Red Canary’s threat detection expertise to create a unified, agile Security Operations Center […]
The post Zscaler Expands AI-Driven Security Operations with Red Canary Acquisition appeared first on Cyber Security News.
Thailand eyes crypto-linked credit cards, revises digital asset rules
Ukraine detains alleged Russian spies who used dash cams to guide missile strikes
PlainID announces Policy Management for Agentic AI
PlainID introduced Policy Management for Agentic AI, securing the future with a solution that brings identity-aware, policy-based access control to the next generation of AI systems. As organizations adopt AI and LLM-based systems, they are ingesting and processing vast amounts of sensitive and high-risk data. Organizations are exposed to:
- Data leaks and compliance violations (e.g., PII, IP, regulated content)
- Regulatory and reputational risks from misused or exposed data
- Inability to ensure auditability and accountability in AI-driven decisions
- Delays in …
The post PlainID announces Policy Management for Agentic AI appeared first on Help Net Security.
Microsoft introduces new Windows backup tool for businesses
Have Your Say: Dark Reading Seeks Your Input
App Store Security: Apple stops $2B in fraud in 2024 alone, $9B over 5 years
G.O.S.S.I.P Reading Recommendation 2025-05-28: Transferable Attacks Fully Revealed
A private GitHub repository? Forget it. Now it's public, and not by your choice
Microsoft OneDrive Flaw Exposes Users to Data Overreach Risks
Where Capability Meets Opportunity: Introducing the Tenable Research Special Operations Team
Meet the elite squad that’s hunting the next major cyberattack. With more than 150 years of combined research experience and expert analysis, the Tenable Research Special Operations team arms organizations with the critical and actionable intelligence necessary to proactively defend the modern attack surface.
The digital battlefield is constantly shifting. It's no longer enough to just react. We need to anticipate. Massive data breaches leave consumers exposed to identity thieves, ransomware attacks cripple hospitals, and nation-state actors disrupt critical infrastructure. It's not just about vulnerable software anymore. In our hyper-connected world, from the smart devices in your home to the complex systems running our cities, everything is a potential target.
The explosion of cloud services and AI is accelerating this risk, creating countless new windows for cybercriminals and hostile nations to exploit. From software and hardware vulnerabilities, to misconfigurations, compromised identities, overexposed and highly privileged environments, and publicly accessible databases, the threat landscape is everywhere, all at once. As of October 2024, over 240,000 Common Vulnerabilities and Exposures (CVEs) have been tracked through the MITRE CVE program, including many that have significantly impacted consumers, businesses and governments. The volume has historically been too much for security teams to keep up with.
Beyond the sheer increase in the volume of traditional vulnerabilities, defenders are faced with an ever-expanding attack surface as enterprises have adopted remote work and new technologies like Generative AI that all contribute to increases in both the number and complexity of exposures that elevate the likelihood of business impacts.
But what if there was a team dedicated to seeing these threats coming, understanding the tactics being used by adversaries, and sending early warning signals for what might come next?
Introducing the Tenable Research Special Operations (RSO) Team – the next milestone in the evolution of the Research teams and capabilities that Tenable brings to bear, and designed to operate at the forefront of the fight.
The "special ops" of cybersecurity: What you need to know
Since 2018, Tenable’s Security Response Team (SRT) has monitored the cybersecurity landscape, aggregating and assessing insights from hundreds of sources daily to provide unique insights via Cyber Exposure Alerts and related advisory content. In that same year, we formalized our reverse engineering efforts, founding the Zero-Day Research team; that team’s research efforts have resulted in the discovery and disclosure of more than 500 zero-day vulnerabilities since its formation. In 2023, we launched the Decision Science Operations team to provide improved support for decision making through quantitative analysis techniques and the application of appropriate technologies augmenting human intelligence and analysis.
Today, the RSO team serves as Tenable’s Forward Logistics Element in the threat landscape, providing customers with the analyses and contextualized exposure intelligence required to manage risks to critical business assets. With over 150 years of collective expertise, this hand-picked group of world-class security researchers is united with one mission: to cut through the noise and deliver critical intelligence about the most dangerous cyber threats emerging right now. Uniting the missions of the Tenable Security Response, Zero-Day Research, and Decision Science Operations teams, RSO disseminates timely, accurate, and actionable information about the latest threats and exposures.
How? RSO is laser-focused on the "capability meets opportunity" equation
- Capability: What are the attackers able to do? What tools, resources, and strategies do they have?
- Opportunity: What weaknesses exist in our systems that attackers can exploit?
By analyzing both sides of this equation, the RSO team can predict potential attacks and pinpoint exactly where the biggest points of exposure reside. This isn't just theoretical; it's about providing real-time, actionable insights that can literally save businesses – and potentially, lives – from devastating cyberattacks.
The RSO team's research goes beyond generic warnings. Not every risk is created equal. We understand that what’s critical for a power grid isn’t the same as what’s critical for a retail chain. Threat context is key to determining risk levels. Our insights are tailored, helping organizations across different industries and regions prioritize the threats that matter most to their specific operations.
Here's what this elite team is digging into – and why you should pay attention
- Known and emergent exploits: Covering the vulnerabilities we already track and finding brand new ones before criminals can weaponize them.
- Nation-state and cybercriminal tactics: Uncovering the latest moves from sophisticated hacking groups and foreign governments.
- AI and emerging tech risks: Assessing the hidden dangers in the newest technologies, like advanced AI models (DeepSeek) and cutting-edge coding protocols (Model Context Protocol, Vibe Coding).
- "Old dog, new tricks" exploits: Discovering how hackers are re-purposing old vulnerabilities for devastating new attacks.
- The science of decision-making: Providing data-driven insights to help organizations make smarter security choices.
New and existing analysis and insights from Tenable RSO can be found on the Tenable Blog, the Tenable Research page and the Tenable Connect Community.
Recent research content from the Tenable RSO Team
- CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild
- CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution
- Frequently Asked Questions about Vibe Coding
- MCP Prompt Injection: Not Just For Evil
- Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications
- DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware
- Frequently Asked Questions About DeepSeek Large Language Model (LLM)
- Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor
- Microsoft Patch Tuesday 2024 Year in Review
- Volt Typhoon: U.S. Critical Infrastructure Targeted by State-Sponsored Actors
RadiantOne platform enhancements prevent identity-based attacks
Radiant Logic announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility and context into the entire Identity and Access Management (IAM) ecosystem—empowering organizations to proactively detect, prioritize and remediate risks before they are exploited. Gartner in their 2025 Guidance for Comprehensive IAM Architecture Strategy recommends organizations should “Invest in a centralized identity and …
The post RadiantOne platform enhancements prevent identity-based attacks appeared first on Help Net Security.