Aggregator
360漏洞云携安全龙虾亮相HPW白帽世界大会
黑客利用 CVE-2026-26980 攻陷 Ghost CMS,大量站点沦为 ClickFix 攻击帮凶
80 лет никто не мог сдвинуться с места. OpenAI решил геометрическую тайну Эрдёша через теорию чисел
对话 Moka CEO 李国兴:AI 不是 SaaS 公司的绝命,是改命
SpaceX 最大的收入来源是与 Anthropic 达成的数据中心交易
Virtru centers file collaboration around data-level protection
Organizations that handle sensitive data consistently face a dilemma: lock data down and lose productivity, or share it freely and lose control. Virtru unveiled Virtru Collaborate, a new offering that eliminates that tradeoff, a FedRAMP authorized space where sensitive files are encrypted and protected by the Trusted Data Format (TDF), and where that protection travels seamlessly with the data as teams work together across organizational boundaries. Virtru Collaborate is the first solution built on the … More →
The post Virtru centers file collaboration around data-level protection appeared first on Help Net Security.
CVE-2026-4055 | Mattermost up to 10.11.13/11.4.3/11.5.1 Run Creation API authorization (WID-SEC-2026-1173)
ASAPP expands adversarial testing for enterprise AI systems
ASAPP has launched Continuous Red Teaming, a new capability that integrates adversarial AI testing directly into ASAPP’s model evaluation framework. The new capability is built on Promptfoo, an AI security platform that helps enterprises detect and address vulnerabilities in AI systems during development. Promptfoo continuously runs automated tests across ASAPP’s AI systems, screening for more than 50 vulnerability types to give enterprise customers the real-time data they need to trust their AI in production. As … More →
The post ASAPP expands adversarial testing for enterprise AI systems appeared first on Help Net Security.
Право на ремонт или дыра в безопасности. В Госдуме спорят, должны ли производители отдавать техдокументацию сторонним мастерам
Tenable Hexa AI automates remediation across attack surfaces
Tenable has announced the general availability of Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform. Tenable Hexa AI is an advanced agentic AI for cybersecurity solution, equipped with advanced multi-step reasoning and Model Context Protocol (MCP) support, enabling custom agent building and workflows that accelerate risk reduction at machine speed. LLMs and AI frontier models, such as Anthropic’s Mythos Preview, are accelerating the discovery of previously unknown vulnerabilities at … More →
The post Tenable Hexa AI automates remediation across attack surfaces appeared first on Help Net Security.
New NGINX 0-Day RCE “nginx-poolslip” Affects Millions of NGINX Servers
A newly disclosed zero-day remote code execution (RCE) vulnerability, dubbed nginx-poolslip, has been identified in NGINX version 1.31.0, the latest stable release of the widely deployed web server software. The discovery was made by security agent Vega, operating under the NebSec security team, and publicly disclosed via X (formerly Twitter) on May 21, 2026. Just […]
The post New NGINX 0-Day RCE “nginx-poolslip” Affects Millions of NGINX Servers appeared first on Cyber Security News.
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Microsoft warns of new Defender zero-days exploited in attacks
Riverbed introduces new Aternity tools for autonomous IT operations
Riverbed has announced new capabilities for Aternity designed to support autonomous IT operations for digital experience management. The updates help digital workplace teams move toward prevention-focused operations through broader visibility, context-aware intelligence, and governance controls that support automated workflows. Organizations are measured by their ability to deliver frictionless digital experiences that keep employees productive and business workflows operating without interruption. While many IT initiatives focus on improving reactive operations, Riverbed is focused on enabling organizations … More →
The post Riverbed introduces new Aternity tools for autonomous IT operations appeared first on Help Net Security.
Google 的 AI 搜索容易被人为操纵
Root без пароля и ядро Linux под контролем. Разбираем, как работает эксплойт PinTheft
Forward launches Predict to test network changes before deployment
Forward has unveiled Forward Predict, a new capability that allows organizations to evaluate the impact of network changes before deployment. By testing proposed changes against a digital twin of the production network, Forward Predict helps identify potential issues before they reach live environments and supports safer network operations at scale. “When we founded Forward more than a decade ago, we set our sights on the future of autonomous networking,” said David Erickson, CEO of Forward. … More →
The post Forward launches Predict to test network changes before deployment appeared first on Help Net Security.
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files
A ransomware strain called WantToCry has been targeting businesses by abusing a widely used file-sharing protocol to encrypt files without dropping any malware on the victim’s system. The attacks mark a notable shift in how ransomware operators approach campaigns, serving as a warning to any organization that still has file-sharing services exposed to the open […]
The post WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files appeared first on Cyber Security News.