Aggregator

Five Practical Use Cases on How AI Is Transforming SOCs for Threat Mitigation
AI is reshaping cybersecurity on both sides of the battlefield. While attackers use it to scale threats, defenders are using AI to reduce noise, accelerate investigations and improve response. This blog provides five real-world SOC use cases for mitigating threats.

Expect Fallout After Remote Access Trojan Added to Popular JavaScript NPM Package
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, remote access Trojan. Identifying the full fallout from the attack could take some time, experts warned.

These are the top threats you should know about this week.

原域名已变更且将在2024年彻底废弃，请访问 https://govuln.com/news/ 查看新的RSS订阅

Cyber threats across Latin America are increasingly targeting government systems, from disruptive attacks in Puerto Rico to a surge of probes against Colombia’s health sector.

A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks.

Proofpoint researchers say the group behind the surge, TA416, had turned away from Europe for a few years.

The post European-Chinese geopolitical issues drive renewed cyberespionage campaign appeared first on CyberScoop.

The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers. Links to UNC1069 On March 31, 2026, unknown attackers managed to publish two backdoored Axios npm packages after gaining access to a maintainer’s npm account. The malicious versions introduced a hidden dependency containing a post-install script, and this script executed automatically during installation … More →

The post North Korean hackers linked to Axios npm supply chain compromise appeared first on Help Net Security.

Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration

Exabeam has announced the expansion of Exabeam Agent Behavior Analytics (ABA). Without direct visibility into how employees use AI assistants, what they query, what data they share, how frequently they interact, and from where, organizations cannot establish a baseline for normal AI behavior, investigate potential misuse, or detect emerging agentic insider threats. New support to detect agent behavior in OpenAI ChatGPT and Microsoft Copilot, alongside existing visibility into Google Gemini, transforms these agentic services into … More →

The post Exabeam expands ABA to detect AI agent threats across ChatGPT, Copilot, and Gemini appeared first on Help Net Security.

Artificial intelligence agents are rapidly becoming integral to enterprise workflows, but they also introduce new attack surfaces. Security researchers recently uncovered a significant vulnerability within Google Cloud Platform’s Vertex AI Agent Engine. By exploiting default permission scoping, attackers could weaponize deployed AI agents into “double agents” that secretly exfiltrate data and compromise cloud infrastructure. Exploiting […]

The post Google Cloud’s Vertex AI platform Vulnerability Allow Attackers to Access Sensitive Data appeared first on Cyber Security News.

Как черные дыры спасают физику от краха.

A recent cybersecurity study reveals that threat actors are moving faster than ever to weaponize new software flaws. According to data collected from a high-interaction honeypot, hackers are actively exploiting a newly disclosed, maximum-severity vulnerability in Oracle WebLogic Server. The critical flaw, tracked as CVE-2026-21962, carries a CVSS score of 10.0. It allows unauthenticated attackers […]

The post Hackers Actively Exploiting Critical WebLogic RCE Vulnerabilities in Attacks appeared first on Cyber Security News.

The following CIS Benchmarks and CIS Build Kits have been updated or recently released. The Center for Internet Security has highlighted the major updates below. Each Benchmark and Build Kit includes a changelog that references all changes. Updated CIS Benchmarks overview CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0 CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0 CIS Apache Cassandra 5.0 Benchmark v1.1.0 CIS Apache Cassandra 4.1 Benchmark v1.2.0 CIS Apache Cassandra 4.0 Benchmark v1.3.0 CIS Microsoft … More →

The post CIS Benchmarks March 2026 Update appeared first on Help Net Security.

Eight years ago, we launched 1.1.1.1 to build a faster, more private Internet. Today, we’re sharing the results of our latest independent examination. The result: our privacy protections are working exactly as promised.

A newly disclosed Russian-linked remote access toolkit called “CTRL” is being used to hijack Remote Desktop Protocol sessions and steal credentials from Windows systems. According to Censys ARC, the malware is a custom .NET framework that combines phishing, keylogging, reverse tunneling, and persistence into one attack chain. Censys ARC said the toolkit was discovered during […]

The post Russian Hackers Using Remote Access Toolkit “CTRL” for  RDP Hijacking appeared first on Cyber Security News.