網路安全資訊

The latest ThreatsDay bulletin from hackmyip.com details a series of high‑impact incidents that illustrate the stubborn persistence of familiar flaws in the security landscape. Top...

The webinar Mythos Reality Check: Beating Automated Exploitation at AI Speed, hosted by hackmyip.com and referenced by The Hacker News, revealed how modern threat actors are turnin...

Anthropic has announced Project Glasswing, an AI model designed to discover software vulnerabilities with unprecedented effectiveness. The company has taken the extraordinary step ...

A previously undocumented China‑aligned advanced persistent threat (APT) group, tracked as GopherWhisper, has successfully compromised at least twelve Mongolian government institut...

Security researchers at multiple threat intelligence firms have observed a significant acceleration in The Gentlemen ransomware group's operational tempo and technical capabilities...

Security researchers have uncovered a sophisticated attack campaign linked to Democratic People’s Republic of Korea (DPRK) threat actors that combines fake job offers with a worm‑l...

Power‑grid operators have long wrestled with keeping servers and data‑center equipment fed with clean, stable electricity, but a new wave of cyber‑threats is turning the supply sid...

Mozilla has identified 271 security vulnerabilities in Firefox 150 using Anthropic's Mythos large language model, marking a significant milestone in AI-assisted code analysis. The ...

Tyler Robert Buchanan, a 24‑year‑old British national known in the cybercrime underground as “Tylerb,” pleaded guilty on June 5 2024 in a U.S. District Court to one count of wire‑f...

On March 12, 2024, former incident‑response negotiator David Mercer entered a guilty plea in the U.S. District Court for the Eastern District of New York to one count of conspiracy...

Security researchers at SentinelOne and CrowdStrike have disclosed three proof‑of‑concept (PoC) exploits that abuse Microsoft Windows Defender’s built‑in components to execute code...

Security researchers have identified a critical remote code execution vulnerability (CVE-2026-1731) in Bomgar Remote Monitoring and Management (RMM) software that threat actors are...

Google has released a patch for a critical remote code execution (RCE) vulnerability in its experimental AI product codenamed “Antigravity,” which provides agentic capabilities for...

A newly identified Chinese advanced persistent threat (APT) group has launched a coordinated cyber‑espionage campaign against major Indian financial institutions and South Korean p...

On March 5, 2026, Vercel's security operations center (SOC) detected anomalous activity stemming from an OAuth token tied to a senior developer's account. The token, scoped to the ...

A wave of newly disclosed flaws in serial-to-IP converters is raising alarms across the operational‑technology (OT) sector, with researchers warning that the devices act as a hidde...

WhatsApp has patched a critical flaw that allowed attackers to harvest user metadata simply by knowing a victim's phone number, according to a Dark Reading analysis published this ...

NIST's National Vulnerability Database (NVD) has historically been the primary source of enriched CVE data, attaching CVSS v3.1 vector strings, severity ratings, affected product C...

Tycoon, a well‑known phishing collective that has long abused two‑factor authentication (2FA) bypass tricks, has quietly shifted to a new attack vector: OAuth 2.0 device‑code phish...

A new analysis published by Dark Reading warns that the most pressing security risk posed by artificial intelligence is not the emergence of novel code flaws, but the rapid amplifi...

The U.S. Coast Guard has issued a set of updated cybersecurity requirements under the Maritime Transportation Security Act (MTSA), signaling a heightened focus on protecting operat...

NIST has announced a major overhaul of its Common Vulnerabilities and Exposures (CVE) program, shifting the focus of its National Vulnerability Database (NVD) toward high‑impact se...

Security researchers have identified a sophisticated campaign by North Korean threat actor Sapphire Sleet targeting macOS users through ClickFix attack vectors. The group, tracked ...

The UK Cabinet Office’s Emerging Technology Cybersecurity Division (ETCD), in close collaboration with the National Cyber Security Centre (NCSC), has publicly released results from...

Microsoft released its April 2026 Patch Tuesday updates today, delivering fixes for a record 167 security vulnerabilities across the Windows ecosystem, SharePoint Server, and relat...

Security researchers have linked a new wave of cyber‑attacks to Russia’s military intelligence, specifically the APT groups tied to the GRU, which are actively exploiting known vul...

German authorities have publicly exposed the identity of the notorious hacker known as "UNKN", linking the alias to 31‑year‑old Russian national Daniil Maksimov. Maksimov is allege...

Security researchers at SecureSphere Labs have uncovered a new file‑wiping worm they have named CanisterWorm, attributed to a financially motivated threat actor tracked under the a...

The U.S. Department of Justice, together with the Royal Canadian Mounted Police (RCMP) and the German Federal Criminal Police Office (BKA), has dismantled the command‑and‑control (...

Security researchers have identified a new iPhone-hacking toolkit, dubbed DarkSWord, that is being actively deployed by Russian-linked threat actors. The toolkit exploits a previou...