Aggregator

Agentic AI成为最热门主题

Google is preparing for the quantum era, a turning point in digital security, with a 2029 timeline for post-quantum cryptography (PQC) migration. Security professionals warn that current encryption could be broken by large-scale quantum computers in the coming years. This risk is already relevant due to store-now-decrypt-later attacks. Google says organizations should adopt NIST-developed PQC standards before large-scale, fault-tolerant quantum computers become a reality. “That’s why we’ve adjusted our threat model to prioritize PQC migration … More →

The post Google races to secure encryption before quantum threats arrive appeared first on Help Net Security.

The National Crime Agency has warned construction firms about surging invoice fraud

Кто попал в перечень главных врагов нового отдела Госдепа.

2026年3月25日，APIFox 团队发布安全公告，承认其公网 SaaS 版桌面客户端遭遇供应链攻击。

2026年3月24日，Python 生态最热门的 LLM 网关库 LiteLLM 遭遇供应链投毒攻击。

核心聚焦于助力学员轻松掌握从内核态隐藏 frida 的技术，且全程无需重新编译内核。

开发者连接钱包即被盗

看雪论坛作者ID：拉不利多

OpenAI has announced the launch of a public Safety Bug Bounty program to identify AI abuse and safety risks across its products. Hosted on Bugcrowd, the new initiative marks a significant step in the company’s efforts to address vulnerabilities that fall outside the scope of traditional security flaws but still pose real-world harm potential. The […]

The post OpenAI Launches AI Safety Bug Bounty to Detect AI-Specific Vulnerabilities appeared first on Cyber Security News.

「我造了一个东西」的感觉，是我在任何手机上都没体验过的。

安全复盘 | 绕过白名单的“艺术”：OpenClaw 命令注入漏洞深度解析。

Компания F6 выявила схему «детского» мошенничества, которая захлестнула Россию.

A newly discovered malware loader called Kiss Loader has emerged as a serious threat, using advanced code injection techniques to quietly infiltrate Windows systems without raising alarms. First spotted in early March 2026, it marks the beginning of a carefully built attack campaign that was still actively under development when researchers first caught it. Kiss […]

The post New Kiss Loader Malware Uses Early Bird APC Injection in Emerging Attack Campaign appeared first on Cyber Security News.

Инструмент для защиты инфраструктуры внезапно сам стал точкой входа.

Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized […]

Чертежи и коды доступа к стратегическим узлам могли попасть в чужие руки.

DataBahn.ai has announced Autonomous In-Stream Data Intelligence (AIDI), a new operating model for security data pipelines in which data is continuously interpreted, validated, and acted on in real time as it flows. Building on its AI-native foundation, DataBahn advances the pipeline from intelligent data preparation to an active system of in-stream decision-making, enabling organizations to detect issues earlier, adapt dynamically and ensure data is trusted before it reaches downstream systems. DataBahn is also introducing the … More →

The post DataBahn brings AI-driven intelligence into the security pipeline appeared first on Help Net Security.

Runtime Identity secures every action beyond login. Learn how to implement continuous identity verification for modern SaaS and APIs.

The post What is Runtime Identity? Securing Every Action Beyond Login appeared first on Security Boulevard.

据 Censor.NET 报道： 在乌克兰国防企业 TechEx 某分部的一位总工程师办公室内，发现了属于俄罗斯情报部门的窃听设备。TechEx 是一家专门从事各类无人机制造的企业。业内人士发出警告：所有乌克兰军工人员均已处于俄罗斯情报部门的监视之下。 该企业随后向内部成员发布了声明，声明中写道：： “乌克兰军工人员们，请做好准备。敌人正在后方进行‘狩猎’。今天上午，我们在公司某分部的总工程师办公室内查获了俄罗斯情报部门的专用设备。是的，其中也包括‘窃听装置’。” “得益于乌克兰国家安全局（SBU）反间谍部门与我司团队的通力协作，我们成功阻止了敏感信息的泄露，保护了生产设施，并确保了关键数据的安全。此外，我们长期以来还实施了一系列旨在对敌方进行反情报误导的措施。” “但我们特别难以接受这样一个事实：克格勃（KGB）那一套手段竟然依然奏效，且行之有效。敌人正在玩一场卑鄙且极具专业水准的博弈，仅凭我们自身的力量已显得捉襟见肘。我们的安全防护体系虽设有多个层级，涵盖了所有最新的技术更新，并辅以持续的人员安全教育工作；但毕竟我们并非专业的反间谍机构，自然也无法拥有像他们那样充裕的资源与手段。” 声明中还写道： “我们要向乌克兰国家安全局反间谍部门的工作人员致以诚挚的谢意！今天我们成功揭露了敌人的行径，但我们也深知，这绝非敌方的最后一次尝试。所有的乌克兰军火制造商——包括他们的技术、员工、供应商及生产设施——均已处于俄罗斯情报部门的‘监视瞄准’之下。” “我们呼吁加强国防企业的资料保护工作，呼吁同行们切勿拖延，务必“仔细排查”，开展额外的安全检查，并更新人员的访问权限级别。遗憾的是，类似的“意外状况”很可能已潜伏在您的办公场所之中。我们乐于分享自身的经验，欢迎随时与我们联系；因为我们所有人都在为着同一个目标而奋斗——即乌克兰的最终胜利。” 一个带有黑色幽默的补充消息是： 这位总工萨多维（Sadovyi）表示——在“窃听器”被发现之前，他曾在该办公室接待过斯维里登科（Svyrydenko）、斯特凡丘克（Stefanchuk）以及多个外国代表团…[吐][裂开] 杨叔：这是公开新闻中SBU第一次有正面形象[破涕为笑]，哈，关于乌克兰安全机构SBU的故事，可以参看公众号的文章： 特勤局手册 | 没落的国家安全机构会导致什么？ #俄乌战争态势 #军工单位遭窃听