Aggregator

Marquis, a Texas-based financial services provider, revealed this week that a ransomware gang stole the data of over 670,000 individuals in an August 2025 cyberattack that also disrupted operations at 74 banks across the United States. [...]

Apple has released critical security patches to address a high-severity WebKit vulnerability that allows maliciously crafted web content to bypass the Same Origin Policy. Released on March 17, 2026, these updates apply to the latest versions of Apple’s mobile and desktop operating systems. The patch is delivered through the Background Security Improvements mechanism, ensuring devices […]

The post Apple WebKit Vulnerability Enables Malicious Web Content Bypass on iOS and macOS appeared first on Cyber Security News.

Partial Leak of Knownsec Corporate Documents Resurfaces With Espionage Tradecraft, Offensive Cyber Tools, and Global Targeting Evidence

A vulnerability labeled as problematic has been found in nicolargo glances up to 4.5.1. This impacts the function as_dict_secure of the file /api/v4/config of the component Endpoint. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2026-32609. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

Google 安全团队披露了被称为 DarkSword 的漏洞利用链，数亿 iPhone 用户受到影响，苹果已经释出修复补丁。对 DarkSword 的利用最早可追溯到 2025 年 11 月，研究人员推测商业间谍软件正在利用该漏洞。受影响的版本从 iOS 18.4 到 18.7 版本，攻击者组合利用六个漏洞完全控制设备，之后部署恶意程序 GHOSTBLADE、GHOSTKNIFE 和 GHOSTSABER。Google 安全团队于 2025 年底向苹果公司报告了 DarkSword 使用的漏洞，所有漏洞已在 iOS 26.3 中修复。

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746 (CVSS score of 9.8), in GNU InetUtils telnetd that lets unauthenticated remote attackers execute code with elevated privileges. The issue stems from an out-of-bounds write in […]

2月底，美国和以色列对伊朗发动首次打击时，据《福布斯》报道，打击目标之一是伊朗情报与安全部（MOIS）。 据报道，至少有两名被控对西方实体发动网络攻击的伊朗人在袭击中丧生。其中一人是穆罕默德·迈赫迪·法哈迪·拉明，美国司法部于2020年指控他入侵美国航空航天和国防公司的系统，此后一直被美国当局通缉。 另一名嫌疑人是负责以色列事务的副部长赛义德·叶海亚·侯赛尼·潘贾基，他已被列入美国联邦调查局十大通缉犯名单。网络安全消息人士告诉《福布斯》，潘贾基负责对以色列情报部下属的一个部门，该部门控制着像Handala这样的黑客组织。Handala长期以来被认为是一个亲伊朗的黑客组织，曾成功攻击过以色列政界人士和西方企业。 但这并没有影响网络攻击行动，Handala 组织取得了一项重大战果，目标是位于密歇根州的医疗器械供应商 Stryker 公司。该组织声称已入侵并清除了 Stryker 公司的系统，永久性地抹去了 12 PB 的数据，如此大规模的数据销毁在今天前所未有。 Stryker在发给客户的通知中证实，其微软系统遭到入侵，目前正在进行恢复工作，进展顺利。Handala也声称入侵了以色列支付服务提供商Verifone的系统，但该公司表示尚未发现任何入侵证据。 与此同时，另一个据信隶属于同一情报部（MOIS）的名为“国土正义”（Homeland Justice）的组织声称，他们于周日入侵了阿尔巴尼亚议会，原因是该议会支持一个伊朗anti政府组织。阿尔巴尼亚官员证实，由于此次入侵，电子邮件系统已离线。 该黑客组织之所以能够保持在线，似乎与SpaceX公司走私的星链卫星互联网设备有关。以色列网络安全公司Check Point表示， Handala似乎也在使用人工智能来编写恶意代码，但该公司无法确定具体使用了哪些人工智能模型。

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.

Our annual analysis brings you a year’s worth of security operations insights, including how adversaries are both leveraging and targeting AI

СК обвинил жителя Кузбасса в финансировании терроризма.

Network security has taken another hard hit. Two previously unknown malware strains have emerged, quietly turning routers, IoT devices, and enterprise network equipment into weapons for large-scale distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations. These campaigns mark a clear shift in how threat actors are exploiting the very network infrastructure that organizations depend on […]

The post New Malware Campaigns Turn Network Devices Into DDoS Nodes and Crypto-Mining Bots appeared first on Cyber Security News.

A serious operational security failure by Russian state-linked hacking group FancyBear has given security researchers an unusually clear view into an active espionage campaign targeting government and military organizations across Europe. On March 11, 2026, threat intelligence firm Hunt.io published findings on a campaign it tracks as Operation Roundish, based on an exposed open-directory first […]

The post FancyBear Server Exposure Reveals Stolen Credentials, 2FA Secrets and NATO-Linked Targets appeared first on Cyber Security News.

根据发表在《Ecological Economics》期刊上的一项研究，当保护环境和经济增长发生冲突时 58% 的人倾向于选择保护环境。研究分析了 92 个国家居民的反馈数据，结果显示：58% 的人更偏向保护环境；西欧、东南亚、美洲、澳大利亚和新西兰居民对环境保护的支持度最高；西方国家中的女性、年轻人、受过良好教育以及政治倾向较为自由的人更重视环境保护；东欧、中亚、非洲和中东地区对保护环境的支持度较低，研究人员猜测可能与这些地区的经济发展较低相关。

ConnectWise has issued an urgent security advisory for its ScreenConnect remote desktop software, disclosing a critical cryptographic vulnerability that could allow unauthenticated attackers to extract server-level machine keys and hijack session authentication. The flaw, tracked as CVE-2026-3564, affects all ScreenConnect versions prior to 26.1 and carries a CVSS score of 9.0, placing it firmly in […]

The post ScreenConnect Vulnerability Allows Hackers to Extract Unique Machine Keys and Hijack Sessions appeared first on Cyber Security News.

Теневой рынок столкнулся с неожиданной переменой правил игры.

Cybersecurity and Infrastructure Security (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks.

A vulnerability identified as critical has been detected in Shinetheme Traveler Plugin 3.2.2/3.2.3/3.2.6/3.2.8 on WordPress. This affects an unknown function. This manipulation causes deserialization. This vulnerability is registered as CVE-2026-25449. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.