Aggregator

新发布的文件名为《AI SBOM——最低要素》，旨在帮助公共和私营部门组织提升其人工智能系统和供应链的透明度。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

Alcune storie possono essere raccontate, più o meno fedelmente, ma la memoria può giocare brut

Threat intelligence architects at Point Wild have dissectively mapped a contemporary XWorm V7.4 infection pipeline, demonstrating how a

The post Under the PyInstaller Mask: Point Wild Exposes XWorm V7.4 Stealth Loader and AMSI Bypass appeared first on Information Security News.

In April 2026, threat intelligence specialists at Cato CTRL neutralized a sophisticated network intrusion attempt targeting a major

The post China-Linked Hackers Deploy “TencShell” Backdoor via Faux Web Font Files appeared first on Information Security News.

The exfiltration of administrative credentials and volatile session tokens increasingly manifests not as a rudimentary brute-force incursion, but

The post The Zero-Detection Shadow: Unit 42 Exposes Advanced Gremlin Stealer Hijacking Live Browser WebSockets appeared first on Information Security News.

The highly popular Nx Console extension for Visual Studio Code has been compromised via a weaponized supply-chain injection.

The post Developer Alert: Poisoned Nx Console VS Code Extension Steals AWS, npm, and GitHub Tokens appeared first on Information Security News.

DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here comes DirtyDecrypt, another local privilege escalation vulnerability in the kernel, this time with a working proof-of-concept already out in the open. The flaw was discovered and […]

DirtyDecrypt: PoC Released for yet another Linux flawDirtyDecry

Interpol has coordinated the apprehension of over 200 individuals implicated in a sophisticated cybercrime matrix operating across the

The post Net Closed: Interpol’s Operation Ramz Bags 200 Cybercriminals and Smashes 53 Command Servers appeared first on Penetration Testing Tools.

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. [...]

The United States Federal Bureau of Investigation (FBI) has issued an official warning regarding the cascading aftermath of

The post Extortion in the Classroom: FBI Warns of ShinyHunters Cyber Attack on National Distance-Learning Platform appeared first on Penetration Testing Tools.

В проекте EIC участвует более 300 организаций со всего мира.

The fallout from the Chanhassen Dinner Theatres cyberattack has forced the popular Minnesot

Nonostante investimenti crescenti in cyber security, il fattore umano resta una delle principali cau

A novel exploitation technique has surfaced on macOS, designed to deceive users via a counterfeit “security update.” The

The post The Script Editor Trap: New macOS “Reaper” Malware Bypasses Terminal Defenses to Steal Keychains appeared first on Penetration Testing Tools.

众筹平台 Kickstarter 上周修改了规则，扩大了禁止的成人内容范围。此前它只禁止“色情内容”，更新后的规则显著扩大了成人内容范围，包括但不限于：暗示性行为，MILF/DILF 内容

众筹平台 Kickstarter 上周修改了规则，扩大了禁止的成人内容范围。此前它只禁止“色情内容”，更新后的规则显著扩大了成人内容范围，包括但不限于：暗示性行为，MILF/DILF 内容，暗示性裸露，任何包含女性乳头/乳晕、生殖器和肛门的内容。在引发争议之后，Kickstarter 证实它修改规则是在支付处理商 Stripe 压力下做出的，而 Stripe 受到了更大的金融系统的制约。过去几个月 Kickstarter 上进行众筹的项目有许多其筹款账号被 Stripe 暂停，因此它修改规则以满足 Stripe 限制成人内容的要求。但这一做法受到了社区的批评，它现在决定撤销新的规则，回归旧规则，但同时添加了 Stripe 政策的相关链接。