相關新聞 | HKCERT

Google Chrome to use on-device AI to detect tech support scams

Google is implementing a new Chrome security feature that uses the built-in 'Gemini Nano' large-language model (LLM) to detect and block tech support scams while browsing the web. [...]

Bleepingcomputer 2025年05月10日 216 觀看次數

Police dismantles botnet selling hacked routers as residential proxies

Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. [...]

Bleepingcomputer 2025年05月10日 224 觀看次數

Education giant Pearson hit by cyberattack exposing customer data

Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned.

Bleeping Computer 2025年05月09日 263 觀看次數

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution.

The Hacker News 2025年05月09日 237 觀看次數

Open source project curl is sick of users submitting “AI slop” vulnerabilities

"One way you can tell is it's always such a nice report," founder tells Ars.

Ars Technica 2025年05月08日 165 觀看次數

PowerSchool hacker now extorting individual school districts

PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. [...]

Bleepingcomputer 2025年05月08日 199 觀看次數

Apache Parquet exploit tool detect servers vulnerable to critical flaw

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. [...]

Bleepingcomputer 2025年05月07日 320 觀看次數

Critical Langflow RCE flaw exploited to hack AI app servers

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. [...]

Bleepingcomputer 2025年05月07日 462 觀看次數

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. [...]

Bleepingcomputer 2025年05月07日 172 觀看次數

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users

A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of the communication app. [...

Bleepingcomputer 2025年05月07日 173 觀看次數