相關新聞
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and...
The Hacker News
2026年03月14日 273 觀看次數
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. "SocksEscort infected home and small business internet routers with malware," the U.S. Department...
The Hacker News
2026年03月13日 261 觀看次數
CISA orders feds to patch n8n RCE flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability. [...]
Bleepingcomputer
2026年03月12日 293 觀看次數
Threat Actors Using Fake Claude Code Download to Deploy Infostealer
Cybercriminals have found a new way to target developers and IT professionals by setting up fake download pages that impersonate Claude Code, a legitimate AI coding assistant. These deceptive pages trick users into downloading what appears to be an official installation package, but instead silently deploy an...
Cyber Security News
2026年03月06日 310 觀看次數
Microsoft: Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
Bleepingcomputer
2026年03月04日 328 觀看次數
Qualcomm Zero-Day Exploited in Targeted Android Attacks
The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups.
Dark Reading
2026年03月04日 381 觀看次數
Critical OpenClaw Vulnerability Exposes AI Agent Risks
The now-patched flaw is the latest in a growing string of security issues associated with the viral AI tool, which has seen rapid adoption among developers.
Dark Reading
2026年03月03日 433 觀看次數
Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details
Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has recently surfaced that impersonates the cybersecurity firm Avast. This operation is designed to harvest sensitive financial credentials by tricking users into believing they are resolving an erroneous charge. By leveraging...
Cyber Security News
2026年02月26日 274 觀看次數
Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices
A financially motivated threat actor exploited various commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries between January 11 and February 18, 2026. The campaign marks a defining demonstration of how AI is lowering the technical entry barrier to offensive cyber operations...
Cyber Security News
2026年02月22日 300 觀看次數
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
Bleepingcomputer
2026年02月20日 304 觀看次數
.jpg)