Aggregator

Researchers Reveal ‘RegPwn,’ a Windows Registry Vulnerability That Granted SYSTEM Privileges

Cyber Security News
1 week 5 days ago

A high-severity Windows vulnerability dubbed “RegPwn” (CVE-2026-24291) is an elevation-of-privilege flaw that allows low-privileged users to gain full SYSTEM access. The MDSec red team discovered the vulnerability and successfully used it in internal engagements since January 2025, before it was addressed in a recent Microsoft Patch Tuesday update. The attack targets the way Windows manages […]

The post Researchers Reveal ‘RegPwn,’ a Windows Registry Vulnerability That Granted SYSTEM Privileges appeared first on Cyber Security News.

Abinaya

Critical FortiClient SQL Injection Vulnerability Enables Arbitrary Database Access

Cyber Security News
1 week 5 days ago

A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS). Tracked as CVE-2026-21643, this severe flaw carries a CVSS score of 9.1. It allows unauthenticated attackers to execute arbitrary SQL commands and access sensitive database information. The issue specifically affects FortiClient EMS version 7.4.4 when multi-tenant mode is active. The root cause stems […]

The post Critical FortiClient SQL Injection Vulnerability Enables Arbitrary Database Access appeared first on Cyber Security News.

Abinaya

韩国游戏发行商 CEO 为避免支付合同承诺的 2.5 亿美元而求助于 ChatGPT

Solidot
1 week 5 days ago
Unknown Worlds Entertainment 是知名水下生存游戏《Subnautica》的开发商,2021 年韩国游戏发行商 Krafton 以 5 亿美元收购了该游戏工作室,并在合同中承诺如果续作《Subnautica 2》销量足够好将额外支付 2.5 亿美元。Krafton 内部对《Subnautica 2》的销量预测相当乐观,因此 2.5 亿美元看起来不得不兑现了。然而 CEO Changhan Kim 不想支付这笔费用,他因此求助于 AI 聊天机器人 ChatGPT 而不是公司法务讨论如何避免支付 2.5 亿美元。公司法务认为奖金取消不了,但 Kim 在 ChatGPT 的帮助下设计了一个方案以莫须有理由突然解雇了 Unknown Worlds 的主要高管。被解雇的高管提起诉讼曝光了 ChatGPT 的阴谋。法官本周裁决 Unknown Worlds 前 CEO Ted Gill 恢复原职。拖延了很久的《Subnautica 2》预计将于今年 5 月发布抢先体验版本(early access)。

法官裁决苹果可以以任何理由下架应用

Solidot
1 week 5 days ago
Musi 是一款免费音乐串流应用,只有 iOS 版本,它本身并不托管音乐,而是利用了 YouTube 上的音乐。它诞生于 2013 年,2024 年 9 月因 YouTube 的投诉而被苹果下架,下架前其下载量超过 6600 万次。Musi 有广告,用户可以一次性支付 5.99 美元移除广告。在下架之后,Musi 起诉了苹果。加州北区联邦地区法院法官 Eumi Lee 本周裁决 Musi 败诉。法官称,根据苹果的开发者协议 Developer Program License Agreement(DPLA),苹果“不论有没有原因”都可以下架应用,它只需要发出终止通知。苹果向 Musi 发出了终止通知,因此下架并没有违反 DPLA。法官还抨击 Musi 的律师在案件中捏造事实,下令由该律所支付诉讼费用。

Why Data Security Standards in Cancer Innovation Matter

BankInfoSecurity.com
1 week 5 days ago
Cancer research and treatment innovation - and the tech that powers that - requires a great deal of collaboration and data sharing among multiple parties. But keeping that sensitive information secure and private is crucial - and requires adherence to standards, said Baxter Lee of Clearwater.

How Dell Is Building the Secure Agentic Enterprise

BankInfoSecurity.com
1 week 5 days ago
Dell's AI Blueprint for Identity, Agents and Agentic Infrastructure
Going all-in on AI with a top down strategy and a ravenous appetite for innovation has helped Dell transform its operations and grow revenue by $30 billion, and the company's evolution lays out a blueprint for how CIOs should think about building infrastructure for AI and managing an army of agents.

Native Launches With $42M for Multi-Cloud Security Push

BankInfoSecurity.com
1 week 5 days ago
Startup Native Targets Enterprise Policy-to-Architecture Gap Across Clouds
Startup Native emerged from stealth with $42 million to advance a proactive cloud security model that enforces policy-driven controls, helping enterprises manage AI-driven threats and maintain consistent protections across complex multi-cloud environments.

House Panel Warns of Chinese AI Robotics Threat

BankInfoSecurity.com
1 week 5 days ago
AI, Robotics Leaders Warn Chinese Robots Could Disrupt Sensitive Operations
Witnesses told a U.S. House Homeland Security panel that Chinese-developed AI robotics platforms could give Beijing new avenues for surveillance, disruption and physical harm across critical sectors, and urged restrictions on federal use as China expands its industrial dominance.

EU Belatedly Sanctions Chinese and Iranian Hackers

BankInfoSecurity.com
1 week 5 days ago
Chinese Hacking Firm iSoon and Iran's Emennet Pasargad Among Targets
The European Union sanctioned three Chinese and Iranian hacking operations that have been under U.S. indictments or sanctions for over a year - or, in one case, since 2019. The sanctions freeze assets and forbid EU citizens and companies from funding or otherwise doing business with the targets.

Cybercriminals scale up, government sector hit hardest

Help Net Security
1 week 5 days ago

Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs, which tracked 1,186 active campaigns over the course of the year. The data covers activity observed between January 1 and December 31, 2025, and reflects a broad mix of sectors and attack types. Top sectors targeted by threat campaigns in 2025 (Source: HPE) AI and automation drive faster, more powerful cyberattacks Government agencies were targeted in … More →

The post Cybercriminals scale up, government sector hit hardest appeared first on Help Net Security.

Sinisa Markovic

Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure

Security Boulevard
1 week 5 days ago

Learn how exposed Ollama servers can allow unauthorized model access, prompt abuse, and GPU resource consumption when LLM inference APIs are publicly accessible.

The post Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure appeared first on Indusface.

The post Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure appeared first on Security Boulevard.

Aayush Vishnoi

360龙虾卫士上线:九大能力专治OpenClaw“裸奔”

嘶吼
1 week 5 days ago

OpenClaw的爆火,让2026年成为智能体全面落地的转折之年。AI正从“会聊天”的参谋,变成“会办事”的员工——随着OpenClaw开始进入办公、开发和内容创作等实际场景,恶意技能投毒、隐私泄露、API密钥被盗等安全事件频发。

安全,成为这场变革中最关键的一环。 

近日,360首次将“安全”作为智能体产品的核心基因,推出行业首创的“安全龙虾”系列产品,其中专攻OpenClaw风险的“360龙虾卫士”正式亮相。该产品采用“最小权限原则”和“人在回路”的核心防护策略,在不影响OpenClaw正常使用的前提下,通过实时监控与AI安全模型识别潜在风险,构建“以模治模”的智能安全防护机制,为智能体运行建立安全边界,让每一只“龙虾”都能安全可控。

一、 安全破局:给每一只“龙虾”装上安全锁

OpenClaw的复杂架构在带来极致便利的同时,也如同为攻击者敞开了大门。国家互联网应急中心(CNCERT)发布《关于OpenClaw安全应用的风险提示》,指出为实现“自主执行任务”的能力,OpenClaw被赋予了较高的系统权限。然而,其默认的安全配置极为脆弱,攻击者一旦发现突破口,便能轻易获取系统的完全控制权。

由于OpenClaw的不当安装和使用,提示词注入、技能投毒、安全漏洞等风险正潜伏在每一个“养虾人”身边。

360龙虾卫士专为OpenClaw类智能体安全风险而设计,采用“最小权限原则”和“人在回路”的核心防护策略,通过虚拟化沙箱(WSL)隔离运行环境,将智能体执行空间与用户数据进行分离,借助AI安全引擎识别恶意技能、异常指令以及潜在漏洞,主动拦截技能投毒、提示词注入等攻击行为,以九大能力为构建起纵深防护体系。

环境防御——让运行空间更干净

1. 漏洞扫描

在攻击者发现之前,先找到自己的软肋。360龙虾卫士内置最新漏洞库,可自动扫描OpenClaw运行环境中的已知漏洞,并提供修复建议,将安全隐患消灭在萌芽状态。

2. 扩展安全评估

安装第三方Skill前先“体检”。针对ClawHub等技能市场鱼龙混杂的现状,360龙虾卫士在技能安装前自动进行安全评估,识别恶意代码、后门程序和数据窃取行为,让毒Skill无处遁形。

3. Agent进程管控

杜绝“后台偷跑”,对运行中的进程进行统一监控和管理,异常进程自动隔离,防止未经授权的Agent私自启动或窃取权限,从源头杜绝“冒牌龙虾”。

行为管控——让“手脚”听指挥

4. 破坏性操作拦截

防“删库跑路”的最后一道闸。针对rm -rf、格式化磁盘、批量删除等高危命令,360龙虾卫士提供强制拦截机制,杜绝因AI幻觉或恶意指令导致的灾难性后果。

5. 文件访问范围控制

给“龙虾”画个圈。通过精细化配置,限制OpenClaw可访问的文件目录范围,即使AI被恶意诱导,也无法越界读取或篡改圈外的重要文件,将破坏限定在可控区域内。 

6. 网络流量/外传检测

数据出门,必须报备。实时监控OpenClaw的网络通信行为,识别异常流量,对可疑的外连请求实时告警并阻断,防止敏感数据“偷偷溜走”。

7. 提示注入防护

别想“催眠”我的AI。通过AI安全引擎实时分析输入内容,识别并拦截隐藏在邮件、网页、文档中的恶意指令,让提示词注入攻击无处下手,守护AI的“认知安全”。 

数据守护——让敏感信息不外泄

8. 敏感文件保护

你的隐私,AI不能乱看。对包含个人隐私、商业机密、账号凭证的敏感文件进行特别保护,未经授权的访问请求将被实时拦截并告警。无论是银行卡号、密码文件还是私人照片,都在360的“保险箱”里安然无恙。 

9. 屏幕内容保护

你在支付时,AI不能偷看。当检测到用户正在进行在线支付、输入密码、查看敏感文档等高危操作时,360龙虾卫士自动暂停OpenClaw的屏幕访问权限,防止AI“偷窥”你的隐私。任务完成后,权限自动恢复,既不影响使用,又守住隐私底线。

二、让安全成为智能体时代的“标配”

目前,360龙虾卫士已内置在“360安全龙虾”产品中,通过虚拟化沙箱(WSL)隔离运行环境,将智能体执行空间与用户数据进行分离。更重要的是,未来,360龙虾卫士将适配市面上所有主流OpenClaw版本,让安全能力惠及全行业。

“安全永远是配角,它的使命是为数字化、智能化保驾护航。”360集团创始人周鸿祎表示。360龙虾卫士不会做过度拦截,不打扰用户的正常使用,只解决核心安全问题。无论是个人极客、一人公司,还是企业用户,均可下载使用。

不发展才是最大的不安全。技术发展带来的问题,只能用发展来解决。龙虾不是洪水猛兽,而是中国AI落地的最大机会。360龙虾卫士的使命,就是让这场AI革命,在安全的轨道上行稳致远。

访问clawsafe.360.cn即刻下载360龙虾卫士

企业资讯

CVE-2024-49945 | Linux Kernel up to 6.10.13/6.11.2 ncsi use after free (f6ca58696749/dd41dab62f32/a0ffa68c70b3 / Nessus ID 212537)

Vuldb Updates
1 week 5 days ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.13/6.11.2. Affected is an unknown function of the component ncsi. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2024-49945. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-49944 | Linux Kernel up to 6.11.2 sctp_listen_start null pointer dereference (Nessus ID 212884 / WID-SEC-2024-3251)

Vuldb Updates
1 week 5 days ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.11.2. This impacts the function sctp_listen_start. Performing a manipulation results in null pointer dereference. This vulnerability is identified as CVE-2024-49944. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-49946 | Linux Kernel up to 5.15.167/6.1.112/6.6.54/6.10.13/6.11.2 ppp_channel_bridge_input deadlock (Nessus ID 210940 / WID-SEC-2024-3251)

Vuldb Updates
1 week 5 days ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.15.167/6.1.112/6.6.54/6.10.13/6.11.2. Affected is the function ppp_channel_bridge_input. Executing a manipulation can lead to deadlock. This vulnerability is registered as CVE-2024-49946. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-49943 | Linux Kernel up to 6.11.2 guc_submit wedged_fini null pointer dereference (d88f9bab7e62/790533e44bfc / Nessus ID 216493)

Vuldb Updates
1 week 5 days ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.11.2. Affected is the function wedged_fini of the component guc_submit. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2024-49943. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

Managed ad