Aggregator
网络安全信息与动态周报2026年第25期(6月15日-6月21日)
【漏洞通告】Cisco Unified Communications Manager WebDialer 服务器端伪造请求漏洞(CVE-2026-20230)
【漏洞通告】FFmpeg MagicYUV PixelSmash 解码器堆越界写入漏洞(CVE-2026-8461)
评论 | 强化联合惩戒震慑电诈“工具人”
专家观点 | 以网络安全标识促联网产品网络安全能力提升
关注 | 我国牵头制定的联合国自动驾驶系统全球技术法规获批发布
前沿 | 人工智能供应链安全风险分析与防护体系构建
周鸿祎ISC宣布打造“中国版Mythos”:已具备同等漏洞自动挖掘能力
Malicious Chrome Extension Uses Native Messaging Host to Execute PowerShell Commands
A newly discovered malware campaign has turned Google Chrome into a remote backdoor without breaking any of the browser’s built-in rules. Spotted in June 2026, the attack arrived in Italian-language phishing emails that looked like standard business invoices. The email claimed a requested invoice was ready, signed off by an accounting office, and showed what […]
The post Malicious Chrome Extension Uses Native Messaging Host to Execute PowerShell Commands appeared first on Cyber Security News.
SpyCloud automates threat investigations with new Research Agent
SpyCloud has announced the launch of SpyCloud Research Agent, a conversational AI investigation agent now available in its Cybercrime Investigations console. Cybercrime investigations have a tax: hours of manual pivot work that experienced analysts run by instinct and junior analysts struggle to replicate. SpyCloud Research Agent eliminates it. Security practitioners, CTI analysts, SOC teams, fraud investigators, and IR leads, can now give the agent a subject, a hypothesis, or a batch of assets, and it … More →
The post SpyCloud automates threat investigations with new Research Agent appeared first on Help Net Security.
CVE-2023-29146 | Malwarebytes Endpoint Agent/EDR on Windows/Linux utility data authenticity
英国维基百科员工寻求成立工会
Flare unveils new CTI capabilities and Okta support
Flare has announced the expanded capabilities for Flare CTI, and an Okta integration within its Identity Exposure Management (IEM) offering. These updates extend Flare’s identity expertise into tactical threat intelligence use cases and agentic workflows to reshape security operations. As security teams face growing volumes of threats, many continue to rely on costly, disconnected tools for threat intelligence, threat investigation, and identity risk management. Flare’s latest platform enhancements help organizations consolidate those workflows, giving analysts … More →
The post Flare unveils new CTI capabilities and Okta support appeared first on Help Net Security.
APT-C-36近期针对哥伦比亚境内的活动分析
CVE-2022-39044 | Buffalo WHR-HP-G300N os command injection (EUVD-2022-41590)
CVE-2022-39042 | aEnrich a+HRD Login improper authentication (EUVD-2022-41588)
CVE-2022-39043 | Juiker App information disclosure (EUVD-2022-41589)
«Получите 200 тысяч за минуту». Рассказываем, почему этот щедрый бот оставит без обеда
Seemplicity AI Analysts focus remediation on exploitable risks
Seemplicity has launched AI Analysts for exposure management and response. The autonomous agents replace manual vulnerability triage by working directly within remediation workflows to conduct structured, evidence-based exploitability investigations. The old playbook is broken. AI-generated exploits have collapsed the window between disclosure and weaponization from days to hours, and the static scores and external signals teams once trusted can no longer keep pace. “The danger was never the alerts we could see, it was the … More →
The post Seemplicity AI Analysts focus remediation on exploitable risks appeared first on Help Net Security.