網路安全資訊

Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in z...

The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat....

The company founded by Yossi Torati, Omer Gull, and Yuval Itzchakov has emerged from stealth mode. The post A Security Raises $37 Million for Autonomous Offensive Security Platform...

AI-driven development is not something organizations can or should block. But it must be governed. The post Everybody Is Vibe Coding But Nobody Told the Security Team appeared firs...

The Meta-owned communications app is filing a federal court contempt order against NSO. The post WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order appeared first on ...

Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler. The post Cybersecurity M&A Roundup: 26 Deals Announced...

The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. The post Everest Forms Vulnerability Exploited to Hack WordPress Sit...

Pashinyan's Civil Contract party won nearly 50% of Sunday's vote, defeating the pro-Russian Strong Armenia party led by Russian-Armenian billionaire Samvel Karapetyan, which receiv...

WhatsApp said it is filing a federal court contempt order against NSO for violating a permanent injunction that bars it from mounting attacks against its users....

New regulations published by Russia's Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the System for Operative I...

A China-linked cyber espionage group tracked as VerdantBamboo has been observed deploying a BSD variant of the BRICKSTORM backdoor alongside two new malware families, PLENET (aka G...

Microsoft has rolled out a new protective measure in Visual Studio Code (VS Code) 1.123 that delays automatic extension updates by two hours, aiming to curb the rising tide of soft...

Google Mandiant and the Google Threat Intelligence Group (GTIG) have detailed a financially motivated data theft extortion campaign by threat actor UNC3753—also tracked as Chatty S...

The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been...

Meta has revealed that 20,225 Instagram users had their accounts hijacked in a recent incident where attackers used Meta's AI-powered support system to reset passwords. [...]...

Hackers accessed personal information stored on certain Lansing Community College systems in February 2025. The post 174,000 Impacted by Lansing Community College Data Breach appea...

Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure. The post Silent Ransom Group Uses DNS Fast Flux in Attacks ap...

The Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant. The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first o...

The proposed coordination would let advanced AI labs verify that global rivals have actually stopped or slowed their work. The post Anthropic Urges Industry Coordination to Allow f...

Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild app...

The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool. The post Meta Says 20,000 Instagram Accounts Hacke...

Microsoft has released Intelligent Terminal, an open-source fork of Windows Terminal that embeds AI agents directly into the command-line workflow without disrupting the active she...

Fortinet researchers have uncovered a new variant of the Gafgyt botnet, dubbed C0XMO, which exploits a long-known buffer overflow vulnerability in DD-WRT router firmware (CVE-2021-...

The Silent Ransom Group, tracked by Mandiant as UNC3753 (also known as Luna Moth and Chatty Spider), is actively targeting U.S. law firms and professional services organizations wi...

Seattle-based cybersecurity startup Emphere has secured $2.1 million in pre-seed funding from AI2 Incubator and Outsiders Fund to advance its AI-driven vulnerability remediation pl...

Hackers are actively exploiting a critical unauthenticated remote code execution (RCE) vulnerability in the Everest Forms Pro WordPress plugin to seize full control of vulnerable w...

OpenAI has begun deploying a new Lockdown Mode for ChatGPT, targeting personal accounts on Free, Go, Plus, Pro, and self-serve ChatGPT Business plans. The feature is designed for u...

A reverse-engineering analysis published June 5 by Include Security and independent researcher Buchodi has exposed how Bright Data, the successor to Luminati and operator of what i...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity denial-of-service vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabiliti...

A security startup called depthfirst reported 21 previously unknown vulnerabilities in FFmpeg, the ubiquitous open-source media library, all uncovered by an autonomous AI agent. Th...