网络安全资讯

The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group. The post Google Detects First AI-Generated Zero-Day Exploit appeared first on Security...

The router deadline, originally slated for March 1, 2027, has been pushed back to at least January 1, 2029, according to the announcement from the FCC’s Office of Engineering and T...

The Information Commissioner's Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group that led to the personal d...

The issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected computer to seize full...

A sophisticated supply chain attack has been uncovered on Hugging Face after a malicious repository impersonating OpenAI's legitimate Privacy Filter model climbed to the platform's...

The cybersecurity industry’s beloved “purple team” concept is broken by design. According to data from CISA KEV, VulnCheck KEV, and ExploitDB, the mean time from ...

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy com...

Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers. The post Skoda Data Breach Hits Online Shop Customers appeared first on ...

The company topped revenue and earnings forecasts for the first quarter of 2026, but its shares plunged more than 20%. The post Cloudflare Lays Off 1,100 Employees in AI-Driven Res...

The incident occurred on April 20 and did not affect customer data in the company’s production and staging environments. The post SailPoint Discloses GitHub Repository Hack appeare...

A malicious version of the plugin was published to the Jenkins Marketplace late last week. The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first o...

Tens of thousands of students studying for final exams around the world have regained access to a key online learning system after a cyberattack had earlier knocked it offline. The...

Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag’ Linux Vulnera...

The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers. The post Resurrected ‘Crimenetwork’ Marketplace Ta...

A sophisticated phishing operation dubbed "Operation HookedWing" has been systematically targeting organizations across critical sectors for over four years, according to threat in...

A sophisticated malvertising campaign is leveraging Google Ads and the public chat‑sharing feature of Anthropic’s Claude.ai to distribute a macOS backdoor. Victims who search for "...

German law‑enforcement agencies, led by the Federal Criminal Police Office (BKA) and the Hessian State Criminal Police Office (LKA Hessen) in close coordination with Europol’s Euro...

Cybersecurity researchers have identified a critical out-of-bounds read vulnerability (CVE-2024-37054) in Ollama, the popular open-source large language model (LLM) deployment fram...

cPanel Inc. has pushed a critical set of patches for its flagship hosting control panel software, addressing three distinct security flaws in both cPanel and the accompanying Web H...

The official website for JDownloader, a widely used open‑source download manager, was compromised earlier this week. Attackers altered the download links for both Windows and Linux...

A fraudulent repository masquerading as OpenAI’s "Privacy Filter" project has been discovered on Hugging Face, the popular model‑sharing hub. The repo, which briefly made the platf...

U.S. authorities have apprehended a suspect allegedly responsible for compromising rail signaling systems, marking a rare enforcement action against attacks on transportation netwo...

Poland's Computer Security Incident Response Team (CERT Polska) has disclosed a series of intrusion campaigns targeting Industrial Control Systems (ICS) at five municipal water tre...

Braintrust, an AI infrastructure provider, disclosed on March 5 2026 that an unauthorized party had gained access to one of its Amazon Web Services (AWS) accounts. The intrusion, d...

Thousands of schools and universities across the United States and Canada were thrust into disarray this week after the popular learning management system (LMS) Canvas, developed b...

Security researchers have identified a new self‑propagating threat, named PCPJack, that behaves like a worm while simultaneously purging systems infected by the earlier TeamPCP mal...

RansomHouse, a known ransomware operation, has claimed responsibility for a breach at Trellix, a prominent cybersecurity vendor. The group posted several screenshots on a dark‑web ...

Security researchers at Cisco Talos have disclosed a critical flaw in the Claude Chrome extension (version 2.3.0) that lets remote attackers hijack the AI agent by abusing the exte...

Ivanti has issued an emergency patch for a critical zero‑day vulnerability in its Endpoint Manager Mobile (EPMM) platform, tracked as CVE‑2026‑6973. The flaw, rated 9.1 on the CVSS...

General Motors has agreed to pay a $12.75 million settlement to the State of California for collecting and sharing sensitive driver data without proper consent, marking the largest...