资讯

The Hacker News3 小时
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Google has released Google Chrome versions 137.0.7151.68/.69 for Windows and macOS, and version 137.0.7151.68 for Linux to ...
The Hacker News3 小时
Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise
In 2024, dormant accounts, unmanaged SaaS access, and GenAI permissions expose enterprises to data breaches and insider ...
The Hacker News6 小时
OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups
OpenAI banned ChatGPT accounts tied to Russian, Chinese, and Iranian hackers using AI for malware and influence campaigns.
The Hacker News1 天
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Supply chain attack infects 16 GlueStack npm packages used by 1M weekly users, enabling malware that steals data and controls ...
The Hacker News1 天
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
A phishing campaign infects 722 users with malicious browser extensions in Latin America to steal bank login data.
The Hacker News4 天
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco patches critical ISE flaw affecting AWS, Azure, OCI users—unauthenticated access could expose sensitive systems.
The Hacker News6 天
New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
Google fixed CVE-2025-5419 in Chrome after detecting active exploitation, affecting all platforms using V8 engine.
The Hacker News4 天
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and ...
The Hacker News3 天
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
AEV automates continuous attack simulations for organizations, helping prioritize exploitable risks and improve cyber ...
The Hacker News2 天
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
A new malware campaign tricks macOS users with fake Spectrum CAPTCHA sites to steal passwords and deliver Atomic Stealer ...
The Hacker News4 天
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google-owned Mandiant, in a technical overview of vishing and the social engineering attacks, pointed out the distinct ...
The Hacker News3 天
Fake Docusign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Fake Gitcode and DocuSign sites are tricking users into running PowerShell scripts that install NetSupport RAT.