跳至主內容

相關新聞

篩選器:

JadePuffer ransomware used AI agent to automate entire attack

Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent...
Bleepingcomputer 2026年07月04日 19 觀看次數

CitrixBleed Vulnerability Exploited by Hackers Within 24 Hours of Public Disclosure

A newly disclosed CitrixBleed-class vulnerability in Citrix NetScaler appliances came under active exploitation less than a day after public disclosure, with decoy infrastructure operator Lupovis confirming a coordinated scanning-and-exploitation campaign across three separate sensor deployments. Within 24 hours of Citrix publishing advisory...
Cyber Security News 2026年07月03日 63 觀看次數

Microsoft quietly extends free Windows 10 ESU support to October 2027

Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027. [...]
Bleepingcomputer 2026年06月26日 49 觀看次數

New macOS malware embeds fake errors to confuse AI analysis tools

A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. [...]
Bleepingcomputer 2026年06月26日 43 觀看次數

Order-tracking app Shop abused to push callback phishing attacks

Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]
Bleepingcomputer 2026年06月26日 41 觀看次數

Windows Secure Boot Certificate Expired — Billions of PCs Affected Including Linux Distros

The clock has run out. As of June 24, 2026, the first of Microsoft’s original Secure Boot certificates, the Microsoft Corporation KEK CA 2011, has officially expired, with the Microsoft UEFI CA 2011 following on June 27, 2026. A...
Cyber Security News 2026年06月26日 85 觀看次數

Malicious Edge extension abuses Native Messaging as bridge to malware

A malicious Microsoft Edge extension dubbed 'Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor...
Bleepingcomputer 2026年06月25日 48 觀看次數

Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access

New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices...
Bleepingcomputer 2026年06月25日 46 觀看次數

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]
Bleepingcomputer 2026年06月24日 55 觀看次數

AryStinger botnet infected thousands of D-Link routers worldwide

A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious traffic. [...]
Bleepingcomputer 2026年06月21日 65 觀看次數