Aggregator

2月底，美国和以色列对伊朗发动首次打击时，据《福布斯》报道，打击目标之一是伊朗情报与安全部（MOIS）。 据报道，至少有两名被控对西方实体发动网络攻击的伊朗人在袭击中丧生。其中一人是穆罕默德·迈赫迪·法哈迪·拉明，美国司法部于2020年指控他入侵美国航空航天和国防公司的系统，此后一直被美国当局通缉。 另一名嫌疑人是负责以色列事务的副部长赛义德·叶海亚·侯赛尼·潘贾基，他已被列入美国联邦调查局十大通缉犯名单。网络安全消息人士告诉《福布斯》，潘贾基负责对以色列情报部下属的一个部门，该部门控制着像Handala这样的黑客组织。Handala长期以来被认为是一个亲伊朗的黑客组织，曾成功攻击过以色列政界人士和西方企业。 但这并没有影响网络攻击行动，Handala 组织取得了一项重大战果，目标是位于密歇根州的医疗器械供应商 Stryker 公司。该组织声称已入侵并清除了 Stryker 公司的系统，永久性地抹去了 12 PB 的数据，如此大规模的数据销毁在今天前所未有。 Stryker在发给客户的通知中证实，其微软系统遭到入侵，目前正在进行恢复工作，进展顺利。Handala也声称入侵了以色列支付服务提供商Verifone的系统，但该公司表示尚未发现任何入侵证据。 与此同时，另一个据信隶属于同一情报部（MOIS）的名为“国土正义”（Homeland Justice）的组织声称，他们于周日入侵了阿尔巴尼亚议会，原因是该议会支持一个伊朗anti政府组织。阿尔巴尼亚官员证实，由于此次入侵，电子邮件系统已离线。 该黑客组织之所以能够保持在线，似乎与SpaceX公司走私的星链卫星互联网设备有关。以色列网络安全公司Check Point表示， Handala似乎也在使用人工智能来编写恶意代码，但该公司无法确定具体使用了哪些人工智能模型。

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.

Our annual analysis brings you a year’s worth of security operations insights, including how adversaries are both leveraging and targeting AI

СК обвинил жителя Кузбасса в финансировании терроризма.

Network security has taken another hard hit. Two previously unknown malware strains have emerged, quietly turning routers, IoT devices, and enterprise network equipment into weapons for large-scale distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations. These campaigns mark a clear shift in how threat actors are exploiting the very network infrastructure that organizations depend on […]

The post New Malware Campaigns Turn Network Devices Into DDoS Nodes and Crypto-Mining Bots appeared first on Cyber Security News.

A serious operational security failure by Russian state-linked hacking group FancyBear has given security researchers an unusually clear view into an active espionage campaign targeting government and military organizations across Europe. On March 11, 2026, threat intelligence firm Hunt.io published findings on a campaign it tracks as Operation Roundish, based on an exposed open-directory first […]

The post FancyBear Server Exposure Reveals Stolen Credentials, 2FA Secrets and NATO-Linked Targets appeared first on Cyber Security News.

根据发表在《Ecological Economics》期刊上的一项研究，当保护环境和经济增长发生冲突时 58% 的人倾向于选择保护环境。研究分析了 92 个国家居民的反馈数据，结果显示：58% 的人更偏向保护环境；西欧、东南亚、美洲、澳大利亚和新西兰居民对环境保护的支持度最高；西方国家中的女性、年轻人、受过良好教育以及政治倾向较为自由的人更重视环境保护；东欧、中亚、非洲和中东地区对保护环境的支持度较低，研究人员猜测可能与这些地区的经济发展较低相关。

ConnectWise has issued an urgent security advisory for its ScreenConnect remote desktop software, disclosing a critical cryptographic vulnerability that could allow unauthenticated attackers to extract server-level machine keys and hijack session authentication. The flaw, tracked as CVE-2026-3564, affects all ScreenConnect versions prior to 26.1 and carries a CVSS score of 9.0, placing it firmly in […]

The post ScreenConnect Vulnerability Allows Hackers to Extract Unique Machine Keys and Hijack Sessions appeared first on Cyber Security News.

Теневой рынок столкнулся с неожиданной переменой правил игры.

Cybersecurity and Infrastructure Security (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks.

A vulnerability identified as critical has been detected in Shinetheme Traveler Plugin 3.2.2/3.2.3/3.2.6/3.2.8 on WordPress. This affects an unknown function. This manipulation causes deserialization. This vulnerability is registered as CVE-2026-25449. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in LibreChat 0.8.1-rc2. The impacted element is an unknown function of the component LibreChat API/RAG API. The manipulation results in incorrect resource transfer. This vulnerability is cataloged as CVE-2026-33265. The attack must be initiated from a local position. There is no exploit available.

A vulnerability was found in OpenText ZENworks Service Desk 25.2/25.3. It has been rated as problematic. The affected element is an unknown function. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-3278. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in danny-avila LibreChat 0.8.1-rc2. It has been declared as critical. Impacted is an unknown function of the component JWT Secret Handler. Executing a manipulation can lead to improper access controls. This vulnerability is tracked as CVE-2025-41258. The attack is only possible within the local network. No exploit exists.

A ransomware group known as LeakNet has been quietly building a more dangerous attack strategy. Until recently, the group averaged about three victims per month — but new evidence shows it is scaling up fast, adding new tools that most security defenses are not built to catch. LeakNet has introduced two notable additions: a social […]

The post LeakNet Scales Ransomware Operations With ClickFix Lures and Stealthy Deno Loader appeared first on Cyber Security News.

A vulnerability was found in Canonical Juju up to 3.6.18. It has been classified as critical. This issue affects some unknown processing of the component Vault Secrets Back-End. Performing a manipulation results in improper authorization. This vulnerability is identified as CVE-2026-32692. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Canonical Juju up to 3.6.18 and classified as very critical. This vulnerability affects unknown code of the component secret-set Tool. Such manipulation leads to incorrect authorization. This vulnerability is referenced as CVE-2026-32693. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.