Aggregator

The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward the malicious repositories. The videos promoting the fake tools have accumulated more than 50,000 views. The attackers rotate through GitHub … More →

The post Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware appeared first on Help Net Security.

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since at least early 2025, GlassWorm operators have systematically targeted software developers, a

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate risk long before anyone labels them an "incident." That changes the role of the SOC entirely. The

Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing […]

Как устроен самый богатый кошелёк, которым никто не может воспользоваться.

Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans

What happens when a malware analyst decides to build a product he always wished he had? The case of ANY.RUN tells us that ten years later it may turn into an industry-standard solution, adopted by 74 Fortune 100 companies.  Celebrating a decade of ANY.RUN, CEO Aleksey Lapshin shared his perspective on the evolution of the company, […]

The post Inside ANY.RUN’s 10-Year Evolution: An Interview with CEO Aleksey Lapshin appeared first on ANY.RUN's Cybersecurity Blog.

Apple has published its post-quantum cryptography implementations in corecrypto, together with mathematical proofs and verification tools for independent expert evaluation, allowing external researchers to review the work and reproduce the company’s analysis. Post-quantum cryptography is designed to protect encrypted data from future quantum computers that could break widely used public-key encryption algorithms. A new approach to formal verification of Apple corecrypto (Source: Apple) Corecrypto, the cryptography library used throughout Apple operating systems and services, provides … More →

The post Apple makes its quantum-resistant encryption open source appeared first on Help Net Security.

Cisco and OpenAI are redefining enterprise engineering with Codex, helping Cisco scale AI-native development, accelerate AI Defense work, and automate defect remediation.

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

Японцы придумали платформу для обучения, но забыли научить её менять пароли.

Google 上周宣布将大幅更改搜索功能，把搜索框改为 AI 聊天机器人的对话框，此举立即在用户中间引发了强烈反对。一部分批评者认为这将杀死开放 Web，一部分人担心 AI overviews 会展示错误的答案，且剥夺了不想要 AI 的用户的控制权。部分用户因此转向了替代搜索 DuckDuckGo。DuckDuckGo 称，其美国应用在 5 月 20 日-25 日期间的安装量周环比平均增长 18.1%，安装量增势持续了六天，5 月 25 日达到最高的 30.5%。而在 iOS 平台上，安装量周环比平均增长 33%，最高 69.9%。不展示 AI 结果的 noai.duckduckgo.com 访问量周环比平均增长 22.7%，5 月 24 日最高 27.7%。DuckDuckGo 高管 Kamyl Bazbaz 称用户想要选择权。

本文对 Socket.dev 披露的 TrapDoor 跨生态供应链投毒攻击进行了分析。攻击者通过 npm、PyPI 和 Crates.io 三大仓库发布 34+ 个恶意包，利用原生钩子窃取开发者 SSH 密钥、钱包和云凭据等敏感信息。

ZRAM Swap 原理详解前言Swap 是什么磁盘 Swap（传统方式）ZRAM Swap（压缩内存）核心原理关键点类比：真空压缩袋磁盘 Swap vs ZRAM 对比性能实测数据（参

Калифорния спешно выводит open source из-под закона о проверке возраста.

“AI投毒”“控评”“互踩”“人肉”“开盒”“算法黑箱”……AI时代，面对这些媒介乱象，该如何约束？以网络平台媒体为代表的技术媒介的出现，极大地拓展了新闻传播相关应用伦理的问题域……