Aggregator

Как Amazon научил нас ненавидеть тех, кто живет за стенкой.

LummaStealer, a notorious information-stealing malware, has made a significant comeback following a major law enforcement disruption in 2025. This resurgence is characterized by a shift in distribution tactics, moving away from traditional exploit kits towards aggressive social engineering campaigns. Cybercriminals are now leveraging “ClickFix” techniques, which present users with fake CAPTCHA verification pages. These deceptive […]

The post Fake CAPTCHA Attacks Emerge as Key Entry Point for LummaStealer Malware Campaigns appeared first on Cyber Security News.

数据不加密，过年更安心（内含限量红包封面）

1.Qilin勒索团伙公布了新的受害者 2.Play勒索团伙公布新的受害公司 3.Spacebears勒索团伙公布新的受害公司

奇安信“4端6线+零信任”的融合创新路径

澳大利亚首个罚单

新春将至，万象更新，MiSRC 为各位白帽师傅献上2026年专属红包封面~

惠普推出了游戏笔记本订阅服务 OMEN Gaming Subscription，允许用户以按月付费的方式租用笔记本电脑，用户不拥有所有权，长期租用的费用会超过笔记本的零售价。用户可租用的笔记本电脑包括：低端的 HP Victus 15——RTX 4050 移动显卡，Ryzen 7 8845HS CPU、16 GB 内存 和 1TB SSD，月费 50 美元，其零售价为 950 美元，也就是租用两年的价格就超过了零售价；高端的 HP Omen Max 16—— Intel Core Ultra 9 处理器，RTX 5080 移动显卡、32 GB 内存 和 1 TB SSD，月费 130 美元，目前零售价 2,110 美元。放弃所有权的好处包括了：年度硬件升级、次日更换服务、全天候支持以及持续保修。用户无法在订阅之后中途取消，否则需要支付昂贵的提前终止费用——Victus 15 为 550 美元，Omen Max 16 为 1430 美元。用户需要至少订阅 12 个月之后才可以在第 13 个月取消订阅而无需支付终止费用。

Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation

Рассказываем, что происходит с российским ИТ-рынком в 2026 году.

The Nancy Guthrie case reveals data retention issues in cloud technology, as investigators recovered footage from a Google Nest camera that should have been deleted, emphasizing the need for stronger cybersecurity measures for IoT devices

The post The FBI Recovered “Deleted” Nest Cam Footage — Here’s Why Every CISO Should Panic appeared first on Security Boulevard.

Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

Explore how passwordless authentication and eKYC simplify cross-border banking onboarding by enhancing security, compliance, and user experience.

The post The Significance of Passwordless Authentication and eKYC in Simplifying Cross-Border Banking Onboarding appeared first on Security Boulevard.

Security researchers have identified the first documented instance of a malicious Microsoft Outlook add-in being used against users in real-world scenarios. A compromised meeting scheduler named AgreeTo was used to steal over 4,000 Microsoft account credentials, credit card numbers, and answers to banking security questions. AgreeTo began as a legitimate open-source project published to the Microsoft Office […]

The post Microsoft Outlook Add-in Stolen 4,000 Microsoft account Credentials and Credit Card Numbers appeared first on Cyber Security News.

A new and dangerous class of cyberattack called “Promptware” has been discovered, capable of turning your personal AI assistant into a sleeper agent that spies on you. Security researchers from Ben-Gurion University, Tel Aviv University, and Harvard have demonstrated a terrifying exploit in which a simple Google Calendar invite can trick Google’s Gemini assistant into […]

The post Promptware – Hackers Can Use Google Calendar Invites to Stream Victims’ Cameras via Zoom appeared first on Cyber Security News.

OpenVPN version 2.7.0 is now available. The update advances support for multi-address server configurations and updates client functionality across operating systems. The release includes enhancements in data channel handling and support for evolving kernel and cryptographic components. Server enhancements Version 2.7.0 adds multi-socket support for server instances. This allows servers to manage multiple addresses, ports, and protocols from a single process. The change aims to simplify configurations where services listen on more than one interface … More →

The post OpenVPN releases version 2.7.0 with expanded protocol and platform updates appeared first on Help Net Security.

Иранские хакеры начали масштабную охоту на израильских чиновников и ученых

A vulnerability, which was classified as problematic, was found in GNU gputils. This affects an unknown function of the component C++ Symbol Handler. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2026-2341. The attack needs to be launched locally. No exploit is available.

千问，如何奶茶换江山

奇安信持续通过“4端6线”的深度运营，为 AI 时代的生产力释放筑牢安全底座 。