Aggregator

Китайский ИИ ищет преступника до преступления.

Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [...]

Alcasec, the "Robin Hood of Spanish Hackers," is jailed for 31 months after admitting to stealing and selling Spanish citizens' banking data.

Человек не заметит подвох, пока машина безвозвратно не удалит все файлы.

Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of them carry the conditions for a single hostile document to take them over. The AI Risk Quadrant (AIRQ) report, a 2026 Q2 edition produced by independent researchers, scores 100 commercial and publicly available AI agents across three dimensions: … More →

The post Only 11% of production agents pass the AI agent security bar appeared first on Help Net Security.

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

Trump's executive order invites voluntary pre-release review of frontier AI models

Функция, созданная для удобства, открыла дорогу к чужим репозиториям.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw added to the catalog, tracked […]

Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’s May updates help teams act on security risks more efficiently, improve consistency across investigations, and maintain stronger protection as attacker tactics continue to evolve. Discover the updates your team can […]

The post Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates appeared first on ANY.RUN's Cybersecurity Blog.

微软宣布了其第二代量子芯片 Majorana 2。但专家认为微软的量子芯片缺乏坚实的研究基础，根本行不通。微软是在 2025 年初宣布了其第一代量子计算芯片 Majorana 1，利用它所谓的拓扑体去观察和控制马约拉纳粒子，从而产生更可靠和可扩展的量子比特。第一代拓扑体使用砷化铟半导体和铝超导体，结果到了第二代微软换成了铅超导体，声称量子比特的寿命从 20 秒延长到了 1 分钟。科学家对微软的说法持强烈怀疑态度，它的最新论文预印本尚未通过同行审议，物理学家 Henry Legg 认为预印本中数据来自于随机伪影。微软的上一篇预印本至今没有通过同行审议，很可能已被顶尖期刊拒绝了。

Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool's ms-screensketch: URI handler, the newly flagged issue resides in the search: URI handler, per Huntress. CVE-2026-33829 refers to a spoofing vulnerability that could expose

European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. [...]

Cybersecurity leaders major companies discuss how they got support from the board on cyber risk

Хакера он не заменил. Зато помогает фишингу, эксплойтам и вредоносному коду.

漏洞分析、脚本生成… 大语言模型助力

一个恶意请求，就能让服务器内存瞬间爆炸