Aggregator

The Supreme Court said Monday that it will hear a case stemming from the use of a Facebook tracking pixel to monitor the streaming habits of the user of a sports website.

CVE-2026-21509: Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally

Dark Web Informer - Cyber Threat Intelligence

4 hours 6 minutes ago

CVE-2026-21509: Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally

Dark Web Informer

Fake Microsoft Teams Billing Phishing Alerts Reach 6,135 Users via 12,866 Emails

Hack Read

4 hours 29 minutes ago

Scammers are abusing Microsoft Teams invitations to send fake billing notices, with 12,866 emails reaching around 6,135 users in a phone-based phishing campaign.

Deeba Ahmed

Play

Dark Feed IO

4 hours 31 minutes ago

You must login to view this content

cohenido

Play

Dark Feed IO

4 hours 32 minutes ago

You must login to view this content

cohenido

Play

Dark Feed IO

4 hours 32 minutes ago

You must login to view this content

cohenido

Play

Dark Feed IO

4 hours 32 minutes ago

You must login to view this content

cohenido

INC

Dark Feed IO

4 hours 34 minutes ago

You must login to view this content

cohenido

前言在现代 Web 应用安全攻防中，攻击者不断演化其技术手段，以规避日益智能的检测机制。传统的基于关键词匹配或简单语法分析的安全防护（如 WAF、SAST 工具甚至部分 AI 驱动的代码扫描系统）正面临严峻挑战，恶意代码不再以明文形式暴露危险函数或命令，而是通过逻辑拆分、数据混淆、运行时重构等高级技巧，将攻击载荷（payload）伪装成合法的业务逻辑。AI检测的思路AI 检测 WebShell 的

从 Chatbot 到 Autonomous Agents-新型LLM攻击漏洞总结

先知技术社区

4 hours 50 minutes ago

随着 AI 从单一的 Chatbot 进化为拥有工具调用权限的 Autonomous Agents（自主智能体），安全边界已彻底瓦解。本文不再局限于简单的 Prompt Injection，而是深入剖析了 GCG 自动化对抗、AI-CSRF 跨插件攻击、RAG 逻辑炸弹等前沿威胁，并提供了基于 Zero-Trust AI 的防御架构设计与 DevSecOps 落地代码。