Aggregator
新玩意 246|少数派的编辑们最近买了啥?
Финансы, энергетика, оборонка — под крышей ИИ. Дональд Трамп запускает новую систему кибербезопасности США
Samsung backs down on threat to delete health data
SANS Warns of AI Governance Gap as Use by Security Teams Surges
Tenable One unifies code risks with enterprise exposure data
Tenable has announced the expansion of the Tenable One Exposure Management Platform, unifying application security risks with all other exposure data. By integrating static code vulnerability data, Tenable One delivers complete, code-to-runtime visibility across the entire attack surface. Security teams have long struggled with a code security problem where vulnerable code reaches production faster than it can be reviewed. This problem is exacerbated by the use of generative AI, which empowers developers to ship code … More →
The post Tenable One unifies code risks with enterprise exposure data appeared first on Help Net Security.
马不靠声音或气味就能识别屏幕上的捕食者
马不靠声音或气味就能识别屏幕上的捕食者
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
YouTube Premium通过苹果IAP开通低价区无法使用礼品卡扣款 疑似谷歌加强了风控
CISA Warns of Actively Exploited Oracle E-Business Suite Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that attackers are actively exploiting CVE-2026-46817, an improper privilege management vulnerability in Oracle E-Business Suite that can lead to a takeover of Oracle Payments. The agency added the issue to its Known Exploited Vulnerabilities Catalog on July 15, 2026, and directed affected federal civilian executive […]
The post CISA Warns of Actively Exploited Oracle E-Business Suite Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Claude Code and DeepSeek Powered Chinese Cyber Espionage Campaign
Claude Code and DeepSeek Powered Chinese Cyber Espionage Campaign
Ray Zhang Leads the Smart Contract Work Where Small Decisions Can Move Real Markets
华为撤回“世界”商标申请,此前该商标使用范围显示为汽车等
From Indirect Prompt Injection to DNS Exfiltration in macOS Terminal
This is a follow-up to my previous Terminal DiLLMa research, and there is a positive outcome: Apple fixed a macOS Terminal behavior that enabled a DNS-based data exfiltration technique.
DNS Requests via ANSI Escape CodesDavid Leadbeater originally discovered an interesting behavior in the macOS Terminal app that allowed a special sequence of ANSI escape codes to issue DNS requests.
In short, this triggered a DNS request from the macOS Terminal app:
Lineation.ai focuses on runtime security for autonomous AI agents
Lineation.ai has announced the public launch of its comprehensive agentic security platform. Delivering a solution at the intersection of genAI application security and runtime defense, lineation introduces a zero trust unified control plane and a lightweight endpoint daemon that secures autonomous AI agents directly at execution. As enterprises adopt autonomous AI agents that read sensitive data, call APIs, and execute workflows, traditional static perimeters and standard LLM gateways fall blind. By assigning a Zero Trust … More →
The post Lineation.ai focuses on runtime security for autonomous AI agents appeared first on Help Net Security.