Aggregator

China’s VerdantBamboo spent 18 months inside a company’s network. The entry point was the m

Как SIEM, ML и аналитики учатся работать вместе, а не спорить за первое место.

Разбор свежей атаки на Android-смартфоны через ИИ-ассистент Gemini.

error code: 1003

一场新的 Magecart 攻击活动正利用 Stripe 的 API 基础设施来托管信用卡窃取负载以及从结账页面窃取的数据。 整个恶意活动依赖于 Google Tag Manager 和 Stripe 的域名（googletagmanager.com 和 api.stripe.com），这些域名被在线商店无条件信任。 该新型恶意软件家族由电商安全公司 Sansec 的研究人员发...

发布时间: 2026-0

Submit #832928 / VDB-297630

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA's login page well enough to take over real accounts. It is an obvious target. More than

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting Wo

先说结论：这行署名不是你仓库里的 hook 或模板加的，是 Cursor 自己塞的。关掉开关只能管住以后，已经提交的那些得重写历史才能去掉。下面是我自己踩完坑后的完整做法，命令都跑通了。 我遇到

先说结论：这行署名不是你仓库里的 hook 或模板加的，是 Cursor 自己塞的。关掉开关只能管住以后，已经 […]

A vulnerability marked as problematic has been reported in thedotmack claude-mem up to 11.0.1. The affected element is the function computeObservationContentHash of the file src/services/sqlite/observations/store.ts of the component Observation Content Hash Handler. This manipulation causes use of weak hash. The identification of this vulnerability is CVE-2026-11330. The attack can only be executed locally. There is no exploit available. It is suggested to upgrade the affected component.

CodeBuddy Security 双引擎协同架构，将 AI 深度审计与静态分析结合，实现漏洞从发现到确证闭环。

Infosecurity Europe 2026 is a cybersecurity event that took place from June 2 to 4 in London. Help Net Security was on-site and here’s a closer look at the conference. The featured vendors are: Microsoft, JupiterOne, Menlo Security, Cato Networks, Falkin, Vivida, Pen Test Partners, Netskope, Qualys, Syteca, runZero, Vanta, OneTrust, Panaseer, Airia.

The post Photos: Infosecurity Europe 2026 appeared first on Help Net Security.

阅读： 10https://wireshark.cloud/此网站相当于远程解析pcap文件。传个pcap上去，它通过网页展示报文解析结果。怎么说呢，借助现代浏

error code: 1003

牙科福利管理机构 DentaQuest 发生数据泄露事件，据报道已暴露 260 万账户的敏感信息。 该安全事件于上月曝光，当时臭名昭著的勒索组织 ShinyHunters 将该公司的数据列在其泄露网站上，并声称已窃取超过 234 GB 的数据。据该威胁行为者称，在与公司未能达成协议后，这些数据被公开泄露。 DentaQuest 是 Sun Life 旗下的子公司，也是美国最大的牙科福利管理机构之一...

A vulnerability labeled as problematic has been found in HCL DX Compose 9.5. Impacted is an unknown function. The manipulation results in cross site scripting. This vulnerability was named CVE-2026-21825. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as problematic has been detected in HCL Digital Experience & DX Compose 9.5. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. This vulnerability is uniquely identified as CVE-2026-21826. The attack is possible to be carried out remotely. No exploit exists.