Aggregator

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

Codenotary has announced the availability of AgentX, an autonomous platform designed to manage, secure, and protect large-scale Linux infrastructure in the cloud or on-premises through coordinated networks of AI agents. AgentX introduces a new approach to infrastructure operations by allowing distributed AI agents to collaborate, automating security enforcement, operational tasks, and lifecycle management while maintaining full permissions control and governance for administrators. AgentX continuously reviews configurations, user roles, and security controls across servers, clusters, and … More →

The post Codenotary introduces AgentX for autonomous Linux infrastructure security appeared first on Help Net Security.

Spur Intelligence has announced new enhancements to its IP intelligence platform, designed to give security and fraud teams deeper visibility into anonymized infrastructure and enable informed, real-time decisions on risky user sessions. New capabilities include AI service identification, a policy API for real-time session decisions, and enhanced geographic infrastructure insights. AI service tagging in the Spur IP context object As AI-driven automation and anonymization technologies proliferate across the internet, organizations face growing challenges in distinguishing … More →

The post Spur Intelligence delivers deeper visibility into anonymized infrastructure appeared first on Help Net Security.

The Federal Communications Commission (FCC) announced a major update to its Covered List, officially prohibiting the approval of new consumer-grade network routers produced in foreign countries. This regulatory action prevents these new devices from entering the United States market by denying them the required FCC equipment authorization. The decision stems from a determination by a […]

The post FCC Banned Foreign-made Consumer Routers Over Security Risks appeared first on Cyber Security News.

近日，工作中监测到 Apifox 文件存在被投毒情况。

Apifox 是一款 API 一体化协作平台，其桌面端应用基于 Electron 框架开发，提供 Windows、macOS、Linux 三平台客户端。因未严格启用 sandbox 参数，并暴露了 Node.js 的 API 接口，导致攻击者可通过 JS 控制 Apifox 的终端——三个平台均受影响。

Apifox 在启动过程中会加载：

该文件正常大小为 34KB，但在 3 月 4 日之后可能会请求到被投毒的版本（77KB）。被投毒的 JS 文件会动态加载 hxxps://apifox[.]it[.]com/public/apifox-event.js（该域名非官方域名），在满足特定条件下加载攻击载荷，采集主机系统环境和敏感信息（SSH 密钥、Git 凭证、命令行历史、进程列表），上报到 hxxps://apifox[.]it[.]com/event/0/log。后续攻击者会控制主机拉取执行后门程序，并尝试发起横向攻击，控制更多有价值目标。

目前入口文件已被还原，仅在 Wayback Machine 存档中可见投毒版本。

ProfileHound is a post-escalation tool to help find and achieve red-teaming objectives by locating domain user profiles on

The post Beyond the Active Session: Hunting Offline Secrets with ProfileHound’s New Graph Edge appeared first on Penetration Testing Tools.

A widely used open-source Python library was compromised on the Python Package Index (PyPI). Versions 1.82.7 and 1.82.8 of the package, which route requests across various LLM providers and have over 95 million monthly downloads, were found to contain a sophisticated backdoor by security vendors Endor Labs and JFrog. The malicious code was injected directly into the […]

The post LiteLLM Python Package With 95 Million Downloads Compromised by TeamPCP Hackers appeared first on Cyber Security News.

Occasionally, a malicious campaign is betrayed not by labyrinthine code, but by a minuscule detail. Within the nascent

The post The Bot Numerology: How “stager_51_bot” Unmasked MuddyWater’s Global LampoRAT Campaign appeared first on Penetration Testing Tools.

The United States has resolved to exert vastly more stringent dominion over one of the most ubiquitous elements

The post The Gateway Lockdown: FCC Bans New Foreign Routers as Texas Declares War on TP-Link appeared first on Penetration Testing Tools.

Microsoft has definitively shuttered a straightforward avenue for awakening a clandestine feature within Windows 11 that substantially accelerated

The post The Performance Lockdown: Microsoft Blocks the Registry Hack for Faster Windows 11 SSDs appeared first on Penetration Testing Tools.