Aggregator

反向代理加持！虚假OpenClaw安装包成新一代高危窃密木马

One of the world’s most dangerous state-backed hacking groups is actively targeting Remote Desktop Protocol (RDP) servers across critical infrastructure, defense organizations, and government agencies. The threat actor, known as APT-C-13 and widely tracked as Sandworm, APT44, Seashell Blizzard, and Voodoo Bear, has long been conducting cyber operations since at least 2009. Its latest campaign, […]

The post APT Hackers Attacking RDP Servers to Deploy Malicious Payloads and Establish Persistence appeared first on Cyber Security News.

Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.

A powerful iOS exploit toolkit known as DarkSword has been publicly leaked on GitHub, dramatically lowering the barrier for cybercriminals to target hundreds of millions of iPhones and iPads still running outdated software. Security researchers are sounding the alarm as the leak transforms what was once a sophisticated, state-linked offensive tool into an accessible attack […]

The post DarkSword Exploit Chain That Can Hack Millions of iPhones Leaked Online appeared first on Cyber Security News.

The Dutch Ministry of Finance confirmed on Monday that some of its systems were breached in a cyberattack detected last week. [...]

Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands. These challenges do not

Dr Richard Horne delivered a keynote about cyber risks and opportunities at the RSAC Conference in San Francisco

If ‘vibe coding’ disrupts the software market like SaaS did 20 years ago, what does this mean for cyber security?

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below - react-performance-suite react-state-optimizer-core react-fast-utilsa ai-fast-auto-trader

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined rapid weaponization with long-term exposure spanning infrastructure, identity systems, and user workflows. Top-targeted vulnerabilities show speed and persistence Newly disclosed vulnerabilities moved into active exploitation with little delay. React2Shell became the most targeted vulnerability of … More →

The post Vulnerabilities from years ago still opening doors for attackers appeared first on Help Net Security.

研究人员报告超加工食品与男性生育能力下降相关。研究团队分析了 831 名女性和 651 名男性的数据，参与者来自一项前瞻性队列研究“R 世代下一代研究”。该研究从备孕阶段开始追踪父母，直至子女进入童年期。研究纳入了 2017 至 2021 年间处于备孕或孕期的夫妻。研究人员在孕早期约 12 周时通过问卷评估父母的饮食状况。食物分为非超加工食品与超加工食品两类。女性与男性的超加工食品平均摄入占比分别为 22% 和 25%。女性摄入超加工食品与不孕风险、备孕时长并未呈现一致关联。男性超加工食品摄入越多，不育风险越高，备孕成功所需时间越长。研究人员强调只是相关性不是因果，需要更多数据观察。

DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through…

Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top risks in the 2025 OWASP guidance for LLM applications. “Detecting abuse is challenging because it exploits natural language, such as subtle differences in phrasing, which can manipulate AI behavior while leaving little or no obvious trace. Without proper logging … More →

The post Microsoft details AI prompt abuse techniques targeting AI assistants appeared first on Help Net Security.

There is a version of threat monitoring that looks impressive on paper and fails in practice. High log ingestion volumes. Hundreds of detection rules. A dashboard full of metrics. And yet, attackers dwell in the environment for weeks or months completely undetected, moving laterally, exfiltrating data, preparing a payload.  The problem is not a lack of […]

The post Why Your Monitoring Program Is Letting Attackers Win  appeared first on Cyber Security News.

GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, until now, remained under vendor control. NVIDIA moved to change that at KubeCon Europe in Amsterdam this week, donating its Dynamic Resource Allocation (DRA) Driver for GPUs to the Cloud Native Computing Foundation (CNCF). The transfer shifts ownership of the driver from NVIDIA to the broader Kubernetes project community. Developers across … More →

The post NVIDIA puts GPU orchestration in community hands appeared first on Help Net Security.

Иранские спецслужбы научились тайно читать чужие переписки и слушать звонки.

U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in prison for supporting ransomware groups like Yanluowang. He helped carry out dozens of attacks, causing over $9M in losses. Arrested in Italy in 2024 […]

Check Point has announced the Check Point AI Defense Plane, a unified AI security control plane designed to help enterprises govern how AI is connected, deployed, and operated across the business. As AI systems move from assistants to autonomous actors that access data, invoke tools, and take action, the AI Defense Plane provides the intelligence layer needed to secure these systems. “The enterprise is entering the agentic era. AI is no longer limited to generating … More →

The post Check Point unveils AI Defense Plane to govern and secure enterprise AI systems appeared first on Help Net Security.

Microsoft Intune manages endpoints at scale. It pushes apps, enforces security baselines, and configures devices across your entire organization. That […]

The post Securing Microsoft Intune: Why Your Endpoint Management Platform Is Also an Attack Surface appeared first on HawkEye.