【情报】湾湾为什么要把“秘密窃听站”设在曼谷?
前几天发了【情报】湾湾在泰国曼谷的“秘密窃听站”暴露了,今天继续挖挖这个窃听站。湾湾在泰国搞窃听站已经很多年了。
Aggregator
Critical Kirki flaw exploited to hijack WordPress admin accounts
3 weeks 3 days ago
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]
Bill Toulas
【AI复盘】LLMShare攻击
3 weeks 3 days ago
2026年5月,安全公司Push Security披露了一起针对ChatGPT用户的新型供应链攻击——LLMShare。攻击者利用ChatGPT的共享功能(chatgpt.com/s/)托管恶意HTML页面,并通过Google广告精准投放,诱导用户下载伪装成"ChatGPT桌面应用"的恶意软件。
与传统钓鱼攻击不同,这次攻击的核心在于滥用可信平台:恶意内容完全通过ChatGPT官方域名渲染和托管,用户看到的是"chatgpt.com"的链接,天然放松警惕。这种"借壳"攻击方式,标志着AI平台正在成为新的攻击面。
这起攻击最值得警惕的,不是技术手段有多高明,而是攻击平台的演变。过去,攻击者要搭建一个可信的钓鱼网站,需要注册域名、部署服务器、申请SSL证书——每一步都可能暴露痕迹。现在,他们直接利用OpenAI的官方域名来托管恶意内容,成本极低,隐蔽性极强。
对于企业安全团队来说,这意味着"域名可信 ≠ 内容可信"的旧假设正在失效。我们需要重新划定信任边界,不能因为内容托管在知名平台就放松警惕。
更值得思考的是:这种攻击方式会不会蔓延到其他AI平台?Anthropic的Claude、Google的Gemini、百度的文心一言——它们的共享功能是否也存在类似漏洞?
AI安全,不只是防止AI被攻击,还要防止AI平台被滥用。
#安全事件#LLM攻击
Over 116,000 Minecraft systems infected in WeedHack malware campaign
3 weeks 3 days ago
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]
Bill Toulas
Zoom CISO: AI as a Security Enabler, Not Role-Replacer
3 weeks 3 days ago
Zoom CISO Sandra McLeod discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and her advice for aspiring cybersecurity leaders.
Kristina Beek
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
3 weeks 3 days ago
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
Jai Vijayan
Stormous
3 weeks 3 days ago
You must login to view this content
cohenido
美国国家情报总监办公室
3 weeks 3 days ago
(Office of the Director of National Intelligence, ODNI)是美国联邦政府的一个独立行政机构,负责统筹、协调和监督整个美国情报体系(Intelligence Community, IC)。
$4 млрд, 10 лет и одно зеркало тоньше волоса: NASA отправляет телескоп Roman на охоту за тёмной материей
3 weeks 3 days ago
Финальный осмотр завершен. А дальше? Только космос.
INC
3 weeks 3 days ago
You must login to view this content
cohenido
DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
3 weeks 3 days ago
A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.
Elizabeth Montalbano
HPE security advisory (AV26-543)
3 weeks 3 days ago
Canadian Centre for Cyber Security
AI-built ransomware toolkit automates EDR evasion, AD discovery
3 weeks 3 days ago
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
Bill Toulas
China Uses Dual-Method Cyberattack on Czech Orgs
3 weeks 3 days ago
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
Alexander Culafi
Securing AI Agents Before They Go Rogue Is Next to Impossible
3 weeks 3 days ago
High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story.
Rob Wright
WordPress Malware Abuses Steam Community Profiles for C2 Operations
3 weeks 3 days ago
A newly discovered malware campaign targeting WordPress websites has raised serious concerns across the web security community. Attackers behind this campaign are using an unexpected method to communicate with infected sites, hiding command instructions inside Steam Community profile comments and turning a popular gaming platform into a covert control channel. The malware works in two […]
The post WordPress Malware Abuses Steam Community Profiles for C2 Operations appeared first on Cyber Security News.
Tushar Subhra Dutta
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
3 weeks 3 days ago
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation.
Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any user interaction. The
The Hacker News
Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign
3 weeks 3 days ago
A single threat actor has been running a fake political persona on Telegram for five years, quietly building an audience of over 17,000 subscribers while using stolen AI credentials to power the entire operation. What looks like an American patriot channel is actually a financially motivated fraud scheme run by a solo Russian-speaking operator. The […]
The post Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign appeared first on Cyber Security News.
Tushar Subhra Dutta
NVIDIA сделала ИИ, который воспринимает мир как человек — и отдала его роботам, беспилотникам и умным заводам
3 weeks 3 days ago
Cosmos 3 - это главное, чего не хватало настоящей робототехнике.
White House unveils pared-back AI executive order
3 weeks 3 days ago
The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.”