相關新聞 | HKCERT

Kali Linux can now run in Apple containers on macOS systems

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework. [...]

Bleepingcomputer 2025年08月01日 305 觀看次數

Flaw in Gemini CLI AI coding assistant allowed stealthy code execution

A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs. [...]

Bleepingcomputer 2025年07月29日 462 觀看次數

How attackers are still phishing "phishing-resistant" authentication

Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down. [...]

Bleepingcomputer 2025年07月29日 478 觀看次數

Allianz Life confirms data breach impacts majority of 1.4 million customers

Insurance company Allianz Life has confirmed that the personal information for the "majority" of its 1.4 million customers was exposed in a data breach that occurred earlier this month. [...]

Bleepingcomputer 2025年07月27日 179 觀看次數

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. [...]

Bleepingcomputer 2025年07月26日 193 觀看次數

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. [...]

Bleepingcomputer 2025年07月26日 193 觀看次數

New Koske Linux malware hides in cute panda images

A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory. [...]

Bleepingcomputer 2025年07月25日 164 觀看次數

Mitel warns of critical MiVoice MX-ONE authentication bypass flaw

Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. [...]

Bleepingcomputer 2025年07月24日 270 觀看次數

Funding for program to stop next Stuxnet from hitting US expired Sunday

Government funding for a program that hunts for threats on America's critical infrastructure networks expired on Sunday, preventing Lawrence Livermore National Laboratory from analyzing activity that could indicate a cyberattack, the program director told Congress on Tuesday.[…]

The Register 2025年07月23日 149 觀看次數

Lumma infostealer malware returns after law enforcement disruption

The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure. [...]

Bleepingcomputer 2025年07月23日 210 觀看次數