Aggregator

创业11年首次盈利，悬镜安全正在走出网络安全创业的“独立行情”。

F6 раскрыла фишинговую схему BloxTools.

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday. The breach is significant given Grafana Labs’ widespread use across enterprise engineering and DevOps teams worldwide. Grafana Labs is best known for its open-source dashboard and visualization platform, but also offers tools for log aggregation (Loki), continuous profiling (Pyroscope), distributed tracing (Tempo), and a hosted SaaS option (Grafana Cloud). … More →

The post Attackers accessed, downloaded code from Grafana Labs’ GitHub appeared first on Help Net Security.

火绒安全提醒：老旧版本软件成Sorry勒索病毒入侵重灾区

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

美国网络司令部2027财年JCWA集成与创新项目概览

大规模供应链攻击日益频繁，出现专业攻击组织

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience

May 18, 2026Interview with Dimitri Sirota from BigIDMost organizations think AI risk lives in the m

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems. Codenamed MiniPlasma, the vulnerability impacts "cldflt.sys," which refers to the Windows Cloud Files Mini Filter Driver,

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified packages is below - chalk-tempalte (825 Downloads) @deadcode09284814/axios-util (284 Downloads) axois-utils (963 Downloads) color-style-utils (934 Downloads) "One of the packages (chalk-tempalte)

Supply Chain Attack / BotnetCybersecurity researchers have discovered four new npm packages contai

Operation Ramz, a cybercrime initiative coordinated by INTERPOL across the MENA region, focused on disrupting phishing campaigns, malware activity, and cyber scams that caused substantial financial losses across the region. The operation resulted in the arrest of 201 individuals and the identification of an additional 382 suspects. Moroccan authorities seized computers, smartphones and external hard drives containing banking data and software used for phishing operations. (Source: INTERPOL) Authorities identified 3,867 victims and seized 53 servers. … More →

The post 201 arrested in INTERPOL disruption of phishing and fraud networks appeared first on Help Net Security.

Microsoft has confirmed that the May 2026 Windows 11 security update (KB5089549) fails to in