网络安全资讯

A China-linked espionage group tracked as UNC6508 maintained undetected access to North American medical, academic, and military research networks for over a year, quietly siphonin...

Proofpoint researchers Saher Naumaan and Carlos Rubio have documented a new wave of activity from the North Korean state-aligned threat cluster tracked as Contagious Interview (als...

The U.S. Department of Justice announced the seizure of CFAKE.com and SOCFAKE.com, two domains accused of hosting nonconsensual AI-generated nude images and videos of women, in wha...

A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) au...

The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables....

Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures....

Maine is still allowing companies to report breaches, but won’t make the portal easily available to the public until after it completes an audit of its procedures to stop such inci...

Researchers at Obsidian Security have disclosed a three-vulnerability chain in LiteLLM, a widely deployed open-source AI gateway that brokers calls to more than 100 model providers...

Researchers at Varonis Threat Labs have disclosed a critical chain of three vulnerabilities in Microsoft 365 Copilot's Enterprise Search feature that, if exploited, would have allo...

Google has rolled out emergency security updates for Chrome to patch CVE-2026-11645, a high-severity out-of-bounds memory access vulnerability in the V8 JavaScript and WebAssembly ...

Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means...

WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]...

Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileg...

The Council of Europe, the continent's oldest intergovernmental body, is probing claims of a data breach made by the ShinyHunters extortion group over the weekend. [...]...

The U.S. Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims of cryptocurrency investment scams, also known as pig butcheri...

Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight. Tines explores how CISOs are handling AI-driven code sprawl,...

A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America. [...]...

A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint ...

The ShinyHunters extortion gang stole personal information from more than 137,000 school staff accounts in a Salesforce data theft attack that targeted the widely used Infinite Cam...

Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operational strain for security teams. This webinar explores how behavi...

Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to target numerous institutions and exfiltrate sensitive data....

AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself....

Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the technology....

Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen. The post Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sug...

Google’s Threat Intelligence Group has been tracking the cyberespionage group as UNC6508 since early 2025. The post Chinese Hackers Target Medical, Military, and AI Research in Nor...

The startup has built a security-first identity platform to protect humans, machines, and AI agents. The post NewCore Emerges From Stealth Mode With $66 Million in Funding appeared...

According to customer complaints, the disruption affected a range of services used by businesses, leading to interruptions in cash register operations, difficulties selling certain...

According to the deputy prosecutor general, the ship’s officers have now been charged with “having damaged two subsea telecommunications cables and of having attempted to damage a ...

According to the company, the directive cited national security authorities. It appears to be the first time such authorities have been used to curtail the export of AI models rath...

Cybersecurity researchers at Socket have uncovered a sprawling network of 152 Google Chrome extensions posing as live wallpaper and new tab add-ons that covertly distribute a poten...