Aggregator

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

RSA has expanded its passwordless authentication capabilities to Linux environments, advancing its goal of delivering secure, password-free access for every user in every environment. Linux is ubiquitous in enterprise infrastructure, powering servers, developer workstations, and critical operational environments across industries from financial services to government. Despite its reach, Linux users have historically been underserved by passwordless solutions, often left to rely on legacy credential-based access while users elsewhere deployed modern passwordless form factors. The Linux … More →

The post RSA extends passwordless authentication to Linux environments appeared first on Help Net Security.

Следы атаки месяцами оставались на виду, но никто их не замечал.

Anthropic 已向美国证券交易委员会（SEC）秘密提交了 IPO 招股说明书。该公司表示在 SEC 完成审查之后，将根据市场状况等因素选择上市。Anthropic 的估值今年以来出现了爆炸式增长，在上周的最新一轮融资中估值达到了 9650 亿美元，超过了 OpenAI 在 3 月下旬的 8520 亿美元估值。美国股市即将迎来三家万亿市值公司的上市，SpaceX 预计本月上市，Anthropic 竞争对手 OpenAI 预计会很快递交上市申请，三家公司的市值预计将达到 4 万亿美元。

Сразу 95 официальных пакетов внезапно превратились в шпионов.

Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is […]

In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the edge without recreating old perimeter assumptions, why these devices should be treated as IT assets, and what the Mirai botnet taught the industry. Davis also covers posture assessment for devices that cannot run standard agents, and … More →

The post Zero trust physical security needs trust decisions at the edge appeared first on Help Net Security.

Атака Bitskrieg обнулит ключевые механизмы доверия Secure Boot.

Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account that has been sitting idle for years. Great. The red team feels like it’s found a force multiplier. The CISO feels like the “human element” of validation has finally been automated away. Then, troublingly, by … More →

The post Why you need BAS and autonomous pentesting together appeared first on Help Net Security.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Xander Mackenzie | @thetrueartist.co.uk' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Nicholas Zubrisky (@NZubrisky) of TrendAI Research' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.0 AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H severity vulnerability discovered by 'Hamdi' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mark Vincent Yason (markyason.github.io)' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'winters0x64' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.0 AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H severity vulnerability discovered by 'hamdi' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-06-02, 25 days ago. The vendor is given until 2026-09-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.