Aggregator
360为什么要给大学生和职场人发一张“AI驾照”?
ISC.AI 2026:首提"管控不确定性" 360发布智能体安全三层治理方案
Ransomware gangs find Europe’s weakest link in third-party suppliers
Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026 European Cyber Risk Report. Country distribution of ransomware attacks (Source: Black Kite) “Three forces are converging on European organisations at once: ransomware is accelerating, supply chains are becoming a primary attack path, and regulations are … More →
The post Ransomware gangs find Europe’s weakest link in third-party suppliers appeared first on Help Net Security.
Гифка с Пиноккио, клоун и ФБР. Как увольнение одного аналитика пошатнуло репутацию крупного ИБ-вендора Huntress
评论 | 让网络谣言这块“牛皮癣”无处可贴
专家观点 | 时建中:以高水平法治护航高质量网络生态
前沿 | 国外可信数据空间建设经验与启示
聚焦 | 共智·共进·共生——CSOP 2026网络安全运营实战大会开幕
【漏洞通告】Gogs 目录遍历漏洞(CVE-2026-52813)
A decade of infrastructure development, one new name: Coinspaid Dev
KuinaExtractor Uses Telegram Exfiltration, UAC Bypass, and Sandbox Detection for Stealth
A newly uncovered infostealer called KuinaExtractor has been quietly evolving for over six months, posing a serious and growing threat to users across multiple platforms. Written in the Rust programming language, the malware targets browser data, cryptocurrency wallets, and credentials for popular services including Roblox, Steam, and Discord. What makes this threat particularly concerning is […]
The post KuinaExtractor Uses Telegram Exfiltration, UAC Bypass, and Sandbox Detection for Stealth appeared first on Cyber Security News.
美国主导召集旨在强化AI供应链的多边会议
安全热点周报:Cisco Unified CM 漏洞补丁发布数周后遭攻击者利用
安全热点周报:Cisco Unified CM 漏洞补丁发布数周后遭攻击者利用
苹果将砍掉 M6 高端芯片,直接跳到 M7
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
每周勒索威胁摘要
Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTML and JavaScript attachment delivered by email, supporting DNS data, and the second-stage phishing page. Researchers said the campaign relied on business-themed lures, including secure documents, remittance services, automated billing, and payment requests. Opening the … More →
The post Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials appeared first on Help Net Security.