Aggregator
Mozilla security advisory (AV26-692)
加州新提案将禁止无限滚动
HPE security advisory (AV26-691)
Марсианский марафон длиной в 5 лет: ровер Perseverance преодолел 42 км инопланетных кратеров и камней
You Don't Have to Run an Exploit to Know If You're Vulnerable
NATO logistics, Ukrainian troops are top subjects of Russian camera hacks, advisory says
SAP security advisory – July 2026 monthly rollup (AV26-690)
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
New macOS malware steals passwords by posing as Apple’s crash-reporting tool
Jamf Threat Labs has uncovered a new macOS infostealer named CrashStealer that disguises itself as Apple’s crash-reporting tool to steal passwords, Keychain data, and cryptocurrency wallets. The malware was first spotted in May while it was still under development. By early July, Jamf was seeing in-the-wild detections, indicating it had moved into active use. “Unlike much of the commodity stealer activity on macOS, which is built on AppleScript droppers or thin Objective-C wrappers, CrashStealer is … More →
The post New macOS malware steals passwords by posing as Apple’s crash-reporting tool appeared first on Help Net Security.
阿里云先知团队招聘AI攻防安全专家
用户态漏洞分析之CVE-2026-41089
2026polarctf夏季赛Escape, escape!特辑
实战|从AI API SSRF到K8s集群凭证泄露——一次大模型服务的内网渗透全记录
Miasma Worm Returns as RAT-First npm Attack With Automatic Propagation Disabled
Four AsyncAPI packages previously affected by the Shai-Hulud: The Second Coming campaign have been compromised again, with new malicious releases delivering a RAT-focused build of the Miasma worm. The impacted versions are @asyncapi/generator 3.3.13.3.13.3.1, @asyncapi/generator-components 0.7.10.7.10.7.1, @asyncapi/generator-helpers 1.1.11.1.11.1.1, and @asyncapi/specs 6.11.26.11.26.11.2 and 6.11.2−alpha.16.11.2-alpha.16.11.2−alpha.1. Unlike the prior Miasma activity, the AsyncAPI packages do not use malicious […]
The post Miasma Worm Returns as RAT-First npm Attack With Automatic Propagation Disabled appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.