Aggregator

论坛·原创 | 战场机器人对国际人道法的挑战与规制路径

中国信息安全
4 months 1 week ago
战场机器人的发展演进给国际人道法的基本原则和相关机制带来了新的挑战。因此,要在把握战场机器人这一人工智能武器特性的基础上,梳理当前技术水平战场机器人对国际人道法的挑战,提出规范战场机器人军事化应用的中国方案,确保人工智能安全、可靠、可控。

Leaked Credentials Up 160%: What Attackers Are Doing With Them

不安全
4 months 1 week ago
文章探讨了组织凭据泄露的长期影响及其日益严重的威胁。数据显示,2024年凭据泄露占数据泄露事件的22%,超越钓鱼和软件漏洞。自动化工具如恶意软件和AI钓鱼使攻击更容易,且凭据常用于账户接管、密码填充等恶意活动。防范措施包括强密码策略、多因素认证及威胁检测技术。

Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data

Cyber Security News
4 months 1 week ago

Columbia University has disclosed a major cybersecurity incident where an unauthorized third party accessed and extracted a significant volume of personal and financial data. The breach, which affects a vast number of individuals connected to the university, was discovered following a technical outage in late June. According to a notice sent by the university, the […]

The post Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data appeared first on Cyber Security News.

Guru Baran

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

The Hackers News
4 months 1 week ago
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users and likely resell them on dark web forums like Russian Market. The activity is assessed to be active since at least March 2023, according to the software supply
The Hacker News

From Chrome renderer code exec to kernel with MSG_OOB

不安全
4 months 1 week ago
Google Project Zero团队发现Linux内核6.9及以上版本中存在一个安全漏洞(CVE-2025-38236),与UNIX域套接字的MSG_OOB功能相关。该漏洞允许攻击者通过特定的send和recv操作触发使用后释放(UAF)问题,从而实现权限提升。修复版本改进了对OOB消息的管理逻辑以避免指针悬空问题。

RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools

Cyber Security News
4 months 1 week ago

Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years, attackers operating under aliases such as zon, nowon, kwonsoonje, and soonje have published more than 60 gems that deliver promised automation features—bulk posting, engagement amplification, and backlink creation—while covertly harvesting […]

The post RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad