Aggregator

The underground cybercriminal world saw a notable development on March 22, 2026, when a new Tor-based leak site called “ALP-001” appeared on the dark web, openly marketing itself as a “Data Leaks / Access Market.” The emergence of this platform points to a growing trend where established threat actors who traditionally sell corporate network access […]

The post New Data Leak Site Uncovered Linked to Active Initial Access Broker on Underground Forums appeared first on Cyber Security News.

日前，由汕头华侨经济文化合作试验区管委会指导，360集团AI世界社区、超声波俱乐部、Way to AGI社区联合主办的“AI Open Day・汕头龙虾大会”在汕头跨境数字经济产业园正式拉开帷幕。作为360安全龙虾系列沙龙南下大湾区的重要一站，本次大会吸引了超400位技术开发者、安全专家及企业数字化负责人到场。

在大会现场，最受瞩目的是人气爆棚的“龙虾装机体验区”。为了满足参会者对前沿AI工具的迫切需求，装机活动在早晨8点便提前启动。现场，数位专业工程师全天候为参与者提供从安装部署、模型配置到安全防护的免费一站式服务。

汕头站的火热，仅仅是360“安全龙虾”全国装机热潮的一个缩影。为了让龙虾AI智能体真正走进千城万企，打破AI技术落地的“最后一公里”，自2026年3月起，360正式启动了“AI Open Day龙虾大会” （以下简称“龙虾大会”）全国巡回活动。截至目前，龙虾大会已在北京、武汉、上海、呼和浩特、汕头等多地成功落地，场场爆满。数据显示，线下活动已吸引超过5000名AI从业者与技术爱好者到场，累计完成近千台设备的现场装机服务。其中，北京首站落地360总部，线上直播累计观看量迅速突破4万人次；而在全国范围内，系列活动的线上曝光已超20万人次，全国“虾友”社群规模突破万人大关。

这种“面对面”解决痛点、手把手实操落地的模式，让360安全龙虾实现了真正的跨圈层普及。在各地的装机体验区，排队的人群中既有寻求降本增效的企业管理者、资深技术开发者，还有年轻的创新创业者。无需复杂的代码基础，不同年龄、不同行业的用户都能通过工程师的协助，让设备实现“看得见、装得上、用得好、用得安”。 

本次汕头龙虾大会围绕大模型Agent技术挑战、AI安全防护方法论等核心议题展开了深度研讨。现场一位顺利完成装机的企业负责人表示：“这次活动既有前沿技术方向的深度探讨，又有极其接地气的实操体验，让我们清晰看到了AI安全技术的落地价值。”

以汕头站为契机，360安全龙虾生态正加速向粤港澳大湾区东部延伸。据了解，未来360将持续携手汕头华侨试验区，共建AI安全技术创新中心与人才培养基地。同时，龙虾大会的全国版图还将陆续登陆临汾、宁波、成都、合肥等全国近50个城市，形成覆盖华北、华东、华南、西北、西南的全面布局。

TokenFlare Serverless AITM Phishing Simulation Framework for Entra ID / M365 Features Lean: Core logic (in src/worker.js only ~530 lines

The post The Serverless Spectre: How TokenFlare is Redefining M365 Phishing with Built-In Intune Bypasses appeared first on Penetration Testing Tools.

The GlassWorm malware crusade has once again recalibrated its stratagems, mutating into a demonstrably more perilous threat. Within

The post The Blockchain Shadow: How GlassWorm Malware Hijacked Solana to Command IDE Contagion appeared first on Penetration Testing Tools.

The iPhone has long been heralded as one of the most impenetrable smartphones on the market; however, a

The post The Fortress Cracked: How “Coruna” and “DarkSword” Brought State-Level Spyware to Global Cybercriminals appeared first on Penetration Testing Tools.

An international consortium of law enforcement agencies has dealt a devastating blow to one of the most formidable

The post The Fall of the Digital Leviathans: Global Task Force Dismantles 3-Million-Node IoT Botnet Empire appeared first on Penetration Testing Tools.

The burgeoning ubiquity of Apple computational machines is inexorably shifting the equilibrium of power within the clandestine cybercriminal

The post The Fall of the Invulnerable Mac: Inside MioLab’s “Nova” Malware-as-a-Service Empire appeared first on Penetration Testing Tools.

GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public preview planned for early Q2. The update is intended to improve code scanning, secret detection, and dependency analysis within repositories hosted on the platform. The company said the new detections are designed to complement its existing CodeQL engine, which remains in use for semantic analysis of supported languages. Static analysis continues to play … More →

The post GitHub leans on hybrid detection model to expand vulnerability coverage appeared first on Help Net Security.

Switzerland has resolved not merely to patch the vulnerabilities of the antiquated internet, but to fundamentally reconstruct its

The post Beyond BGP: How Switzerland is Rebuilding the Internet’s Foundation with SCION appeared first on Penetration Testing Tools.

On March 18, 2026, the architects behind the Telega application—a third-party Telegram client—activated a clandestine mechanism designed to

The post The Trojan in the Play Store: How the Telega Client Became a Multi-Million Installation MITM Trap appeared first on Penetration Testing Tools.

The National Institute of Standards and Technology (NIST) has released NIST SP 1308, the “Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide”. Published in March 2026, this strategic document provides a structured methodology to integrate cybersecurity risk management (CSRM) into broader enterprise risk management (ERM) strategies. The guide emphasizes workforce planning to address the […]

The post NIST Releases Quick-Start Guide on Cybersecurity, Risk, and Workforce Management appeared first on Cyber Security News.

An endeavor to dismantle a ubiquitous platform dedicated to account theft yielded but an ephemeral triumph. A mere

The post The Hydra of Phishing: How Tycoon2FA Resurrected Its Empire Days After a Global Takedown appeared first on Penetration Testing Tools.