美国国家情报总监办公室
(Office of the Director of National Intelligence, ODNI)是美国联邦政府的一个独立行政机构,负责统筹、协调和监督整个美国情报体系(Intelligence Community, IC)。
Aggregator
$4 млрд, 10 лет и одно зеркало тоньше волоса: NASA отправляет телескоп Roman на охоту за тёмной материей
1 week 4 days ago
Финальный осмотр завершен. А дальше? Только космос.
INC
1 week 4 days ago
You must login to view this content
cohenido
DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
1 week 4 days ago
A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.
Elizabeth Montalbano
HPE security advisory (AV26-543)
1 week 4 days ago
Canadian Centre for Cyber Security
AI-built ransomware toolkit automates EDR evasion, AD discovery
1 week 4 days ago
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
Bill Toulas
China Uses Dual-Method Cyberattack on Czech Orgs
1 week 4 days ago
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
Alexander Culafi
Securing AI Agents Before They Go Rogue Is Next to Impossible
1 week 4 days ago
High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story.
Rob Wright
WordPress Malware Abuses Steam Community Profiles for C2 Operations
1 week 4 days ago
A newly discovered malware campaign targeting WordPress websites has raised serious concerns across the web security community. Attackers behind this campaign are using an unexpected method to communicate with infected sites, hiding command instructions inside Steam Community profile comments and turning a popular gaming platform into a covert control channel. The malware works in two […]
The post WordPress Malware Abuses Steam Community Profiles for C2 Operations appeared first on Cyber Security News.
Tushar Subhra Dutta
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
1 week 4 days ago
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation.
Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any user interaction. The
The Hacker News
Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign
1 week 4 days ago
A single threat actor has been running a fake political persona on Telegram for five years, quietly building an audience of over 17,000 subscribers while using stolen AI credentials to power the entire operation. What looks like an American patriot channel is actually a financially motivated fraud scheme run by a solo Russian-speaking operator. The […]
The post Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign appeared first on Cyber Security News.
Tushar Subhra Dutta
NVIDIA сделала ИИ, который воспринимает мир как человек — и отдала его роботам, беспилотникам и умным заводам
1 week 4 days ago
Cosmos 3 - это главное, чего не хватало настоящей робототехнике.
White House unveils pared-back AI executive order
1 week 4 days ago
The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.”
Mozilla security advisory (AV26-542)
1 week 4 days ago
Canadian Centre for Cyber Security
JetBrains security advisory (AV26-541)
1 week 4 days ago
Canadian Centre for Cyber Security
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
1 week 4 days ago
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation.
Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then used to retrieve an
The Hacker News
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
1 week 4 days ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers. It was
The Hacker News
Black X
1 week 4 days ago
You must login to view this content
cohenido
Black X
1 week 4 days ago
You must login to view this content
cohenido
Где пообедать в чужом городе? Ответ в заметках Фейнмана — нобелевский лауреат вывел формулу лучшего ужина
1 week 4 days ago
Математика точно знает, когда вам пора перестать искать новые места.