Aggregator

Zelle Provider Allowed $1 Billion of Fraudulent Transactions, Prosecutors Say
The state of New York is suing the privately held fintech company behind the Zelle money transfer system in a complaint that alleges years of poor cybersecurity and protections against fraud. The New York complaint targets Early Warning Services, the company behind the money transfer app.

Congress Pressed to Fund Federal Court System Cyber Upgrades Amid Escalating Risks
A breach of the U.S. national court filing system intensified concerns over the federal judiciary's cybersecurity, with critics urging reforms and congressional funding to close gaps that could expose sealed cases, confidential informants and other sensitive information.

HHS Says New FAQs Support HHS' 'Make Health IT Great Again' Interoperability Effort
Federal regulators issued updated HIPAA privacy rule guidance that aims to clarify when patients' protected health information can be shared with value-based care organizations, and also the types of health records that patients have a right to access upon request. Does it cover any new ground?

Majority of Attacks Target Operational Technology Networks
Exploitation attempts against a severe vulnerability in a runtime system widely deployed in operational technology environments spiked globally in the days after open-source maintainers of the Erlang/OTP project published a patch. Attackers could take full control of systems.

ViewState被动扫描和密钥爆破插件

关键词高德今日多地用户集中反映高德地图出现BUG。例如导航逻辑错误，跨区域定位漂移，数据延迟等。高德尚未做出回应。

关键词GitHub今晨，全球开发者社区迎来地震级变动！

关键词芯片管制路透社援引知情人士消息称，美国执法机构在部分被视为有高风险非法转运至中国的先进芯片货运中暗装定位

IBM’s 2025 Cost of a Data Breach Report offers one of the clearest and most comprehensive views yet of how AI adoption is shaping the security landscape.  While breach numbers are relatively low – only 13% of organizations reported breaches involving AI models or applications – the report reveals a troubling pattern: APIs and integrations [...]

The post IBM 2025 Cost of a Data Breach Report: Lessons for API and AI Security appeared first on Wallarm.

The post IBM 2025 Cost of a Data Breach Report: Lessons for API and AI Security appeared first on Security Boulevard.

Как хакеры могли парализовать госкоммуникации через Matrix.

Chrome VRP 十年来颁发的最高赏金

速修复

OpenAI is building an agentic future with its upcoming Chromium-based browser and a new leak confirms GPT Agent integration. [...]

Splunk has released a comprehensive defender’s guide aimed at helping cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause widespread damage. The guide comes as organizations continue to face mounting pressure from cybercriminals who increasingly target VMware’s ESXi hypervisor platform as a high-value attack vector. Growing Threat to Critical Infrastructure […]

The post Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Trustwave SpiderLabs researchers have uncovered a sophisticated EncryptHub campaign that ingeniously abuses the Brave Support platform to deliver malicious payloads, leveraging the recently disclosed CVE-2025-26633 vulnerability in Microsoft Management Console (MMC). Dubbed MSC EvilTwin, this flaw enables attackers to execute arbitrary code via manipulated .msc files, allowing EncryptHub also known as LARVA-208 or Water Gamayun […]

The post EncryptHub Turns Brave Support Into a Dropper; MMC Flaw Completes the Run appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaws to its Known Exploited Vulnerabilities catalog and ordered US federal civilian agencies to mitigate them within a week. About the vulnerabilities (CVE-2025-8875, CVE-2025-8876) N-able N-central … More →

The post Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) appeared first on Help Net Security.

多领域专家齐聚ISC.AI 2025！解码安全智能体技术与应用创新

聚焦小场景更易破局

Суд приговорил, но свобода ближе, чем кажется.