Aggregator

The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and managing a criminal site that allowed stolen

The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices.

Cloudflare recently published data that offers clear insight into where the DDoS threat environment is heading. DDoS attacks are becoming larger, more frequent, and more sophisticated, with botnets reaching unprecedented scale. But beyond the headline numbers, the report also points to a broader shift that deserves closer attention. In this article, we’ll discuss some of..

The post The Dark Side of DDoS: Why DDoS Downtime is Harder to Prevent appeared first on Security Boulevard.

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate rapid incident response and secret remediation.

The post How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack appeared first on Security Boulevard.

92 антипротона выдержали 30 минут в пути и показали, что антиматерию можно не только создавать, но и перевозить.

The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can provide a gateway into thousands of organizations if compromised.

Власти расширили полномочия силовиков в обход парламента.

A vulnerability has been found in ellanetworks core up to 1.5.x and classified as problematic. Impacted is an unknown function of the component NGAP Handler. This manipulation causes improper validation of array index. This vulnerability is handled as CVE-2026-33281. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in contest-gallery Contest Gallery Plugin up to 28.1.5 on WordPress. It has been declared as critical. Affected by this vulnerability is the function user_activation_key of the file users-registry-check-after-email-or-pin-confirmation.php. The manipulation results in improper authentication. This vulnerability was named CVE-2026-4021. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in wpeverest User Registration & Membership Plugin up to 5.1.4 on WordPress. The impacted element is the function check_permissions of the component REST API Endpoint. This manipulation causes missing authorization. This vulnerability is registered as CVE-2026-4056. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

这是AI大模型根据我白天的分析过程简单编写的一篇文章，如果有错误或遗漏，还请见谅。我以后的文章并不会都用AI来写，不用担心。

2026 年 3 月 25 号，正当大家都还忙着应急LiteLLM投毒事件的同时，安全圈里开始流传一则不太寻常的消息：Apifox 桌面客户端疑似在官方 CDN 上的埋点脚本里被人动了手脚。

最初的披露来自 2libra 上的梳理，已经点出了几个关键事实：被篡改的...

A vulnerability has been found in QEMU and classified as critical. This issue affects some unknown processing of the component virtio-fs Shared File System Daemon. The manipulation leads to improper check for dropped privileges. This vulnerability is uniquely identified as CVE-2022-0358. The attack is possible to be carried out remotely. No exploit exists. It is suggested to install a patch to address this issue.

A vulnerability was found in vim up to 8.1 and classified as critical. Impacted is an unknown function. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2022-0351. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Samba up to 4.13.16/4.14.11/4.15.3. It has been declared as critical. The impacted element is the function samldb_spn_uniqueness_check of the file ldb_modules/samldb.c of the component AD DC. Such manipulation leads to incorrect default permissions. This vulnerability is referenced as CVE-2022-0336. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.

Open Threat Management platform sweeps four award categories at RSA Conference while announcing ADMP and SeraAI 2.0. SAN FRANCISCO, March 24, 2026 /PRNewswire/ — Seceon Inc., developer of the Open Threat Management (OTM) Platform, today announced four wins at Global InfoSec Awards 2026, presented at RSA Conference. The awards span MSSP enablement, critical infrastructure protection,

The post Seceon Wins Four Global InfoSec Awards at RSA 2026 and Launches ADMP and SeraAI 2.0 Autonomous SOC appeared first on Seceon Inc.

The post Seceon Wins Four Global InfoSec Awards at RSA 2026 and Launches ADMP and SeraAI 2.0 Autonomous SOC appeared first on Security Boulevard.

The digital trust ecosystem is undergoing its fastest shift in decades, and for Managed Service Providers (MSPs), this change creates a major market opportunity. As of March 15, 2026, the lifespan of newly issued SSL/TLS certificates has been cut from 12 months to just six, instantly doubling the renewal workload for every certificate an organization relies on. With certificate inventories growing exponentially, IT teams now face a renewal cycle that scales as quickly as their environments do. What was once an annual task managed in spreadsheets is now a continuous operational motion. Renewal frequency is rising, complexity is expanding, and the risk of outages caused by expired certificates is higher than ever.

The post Helping MSPs Take Control of Certificate Management: Introducing Sectigo Partner Platform appeared first on Security Boulevard.

Погрузили в воду — волокна набухли и перестроились. Вытащили — внутри 94% яда.

Submit #776230 / VDB-353193

How the ColorTokens Xshield platform and its integrated ecosystem stand between North America’s power grid and digital adversaries. Note: AI generated image, please ignore errors. Let us not pretend that the threat to North America’s Bulk Electric System is theoretical. In 2022, SANDWORM, Russia’s GRU-linked hacker collective, deployed Industroyer2 against Ukrainian high-voltage substations, a direct […]

The post Before the Lights Go Out appeared first on ColorTokens.

The post Before the Lights Go Out appeared first on Security Boulevard.