Ghostwire — Live Cybersecurity Feed

Real-time cybersecurity news from 200+ sources. Updated every 5 minutes.

Teen suspect in Scattered Spider hacks is extradited to US

The Record · The Record · 2026-07-01 20:13 UTC

A complaint unsealed this week accuses a 19-year-old of participating in incidents including a breach of a "luxury-jewelry retailer" in 2025.

CybercrimeGovernmentNews

Fake Perplexity Chrome extension spies on your searches

Malwarebytes Labs · Malwarebytes Labs · 2026-07-01 20:11 UTC

A fake Perplexity Chrome extension secretly monitored searches. If you installed "Search for perplexity ai," you need to remove it manually.

AIPrivacy

Somebody told DeepSeek to build in-browser ransomware and it gleefully complied

The Register · The Register · 2026-07-01 19:57 UTC

'The original incomplete DeepSeek sample can be transformed into a fully functional attack with minimal effort,' Check Point researcher tells The Reg

security

Middle District of Pennsylvania | Enola Man Indicted For Child Exploitation Offenses - Department of Justice (.gov)

DOJ via Google News · DOJ via Google News · 2026-07-01 19:49 UTC

Middle District of Pennsylvania | Enola Man Indicted For Child Exploitation Offenses Department of Justice (.gov)

And the Winner in Dominant Malware Delivery? ClickFix

Dark Reading · Rob Wright · 2026-07-01 19:46 UTC

Researchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.

Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall

AWS Security · Amit Gaur · 2026-07-01 19:40 UTC

Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon...

Advanced (300)AWS Network FirewallFeaturedSecuritySecurity, Identity, & Compliance

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

The Hacker News · Swati Khandelwal · 2026-07-01 19:40 UTC

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the compone...

19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges

The Hacker News · Swati Khandelwal · 2026-07-01 19:28 UTC

A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice...

Researchers spot exploitation of another critical Oracle defect

CyberScoop · Matt Kapko · 2026-07-01 19:23 UTC

The defect impacts a popular collection of business applications that attackers have hit before in widespread attack sprees. The post Researchers spot exploitation of another critical Oracle defect ap...

CybersecurityResearchThreatscybercrimeDefused

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

CIS Advisories · CIS Advisories · 2026-07-01 19:09 UTC

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Campaign Classic is an enterprise-grade marketing automation pl...

Name Generator In JavaScript With Source Code

Source Code & Projects · codeprojects · 2026-07-01 19:05 UTC

Project: Name Generator In JavaScript With Source Code Please scroll down and click on the download button to download Name Generator In JavaScript for […] The post Name Gene...

JavaScript Projectsjavascript

Bengaluru college student alleges private photos leaked online, AI deepfake threats; cyber police register case - The Hindu

The Hindu Cyber via Google News · The Hindu Cyber via Google News · 2026-07-01 18:37 UTC

Bengaluru college student alleges private photos leaked online, AI deepfake threats; cyber police register case The Hindu

Защита от ransomware для малого бизнеса: от вектора атаки до detection-правила

Codeby · Сергей Попов · 2026-07-01 18:23 UTC

Почему построить межсетевой экран на 200 Гбит/с — это ад инженерии: честный разбор Mirada

Habr InfoSec · ksiva · 2026-07-01 18:12 UTC

Материал согласован с Codemaster в части технических данных и цифр. Все оценки и выводы — мои. С 1998 года по 2026 год я эксплуатировал и настраивал разные IPS и межсетевые экраны: PIX, ASA, Check Poi...

Межсетевой экранбатранковпроизводительностьtrexIXIA

Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings

SecurityWeek · Ionut Arghire · 2026-07-01 18:08 UTC

Microsoft's new Teams admin policy requires organizer approval for external AI bots, giving organizations greater visibility and control over automated participants in sensitive meetings. The post Mic...

Artificial IntelligenceCybercrimeMicrosoft

Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to United States - Department of Justice (.gov)

DOJ via Google News · DOJ via Google News · 2026-07-01 18:01 UTC

Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to United States Department of Justice (.gov)

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

The Hacker News · Ravie Lakshmanan · 2026-07-01 17:53 UTC

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" cam...

Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States - Department of Justice (.gov)

DOJ via Google News · DOJ via Google News · 2026-07-01 17:48 UTC

Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States Department of Justice (.gov)

Как Timeweb затыкает рот клиентам: история одного бана и уроки репутации

Habr InfoSec · MaximIonov · 2026-07-01 17:39 UTC

Или почему компания предпочла забанить клиента, вместо того чтобы признать ошибкиКлиент Timeweb высказал правду о хронических DDoS-атаках и аварии в ЦОДе. Компания удалила его сообщение и через массов...

TimewebDDoSаварияцензураблокировка

📸 В Германии украли памятник Пушкину. В связи с этим посольство России в стране выразило обеспокоенность.

СОЛОВЬЁВ · СОЛОВЬЁВ · 2026-07-01 17:35 UTC

📸 В Германии украли памятник Пушкину. В связи с этим посольство России в стране выразило обеспокоенность. Бронзовая фигура высотой около 1,8 метра была подарена городу российским Щелково и открыта ...

From Shin Bet to Mossad, Netanyahu Reshapes Israeli Intelligence

War on the Rocks · War on the Rocks · 2026-07-01 17:30 UTC

In 2025, Ofek Riemer, Daniel Wajner, and Ehud Eiran wrote, “Populists vs. Spies in Israel and Beyond,” where they argued that Prime Minister Benjamin Netanyahu’s relationship with Is...

MembersRewind and Reconnoiter

Даже «чистый» репозиторий на GitHub может представлять опасность для ИИ-агентов

Xakep · Мария Нефёдова · 2026-07-01 17:30 UTC

Эксперты Mozilla продемонстрировали атаку, в которой ИИ-агент самостоятельно компрометирует машину разработчика, пытаясь запустить проект с GitHub. При этом сам репозиторий не содержит явного вредонос...

НовостиAIClaude CodeИИ-агентИнформационная безопасность

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

The Hacker News · Ravie Lakshmanan · 2026-07-01 17:18 UTC

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity h...

Warning: Multiple High Vulnerabilities in Citrix Netscaler, Patch Immediately! - CCB Belgium

Belgium CCB via Google News · Belgium CCB via Google News · 2026-07-01 17:11 UTC

Warning: Multiple High Vulnerabilities in Citrix Netscaler, Patch Immediately! CCB Belgium

Claude Code втихую метит запросы. Так Anthropic ищет тех, кто учит на нём свои модели

Habr InfoSec · masasibata · 2026-07-01 17:06 UTC

Мы даём кодовым агентам полный доступ к машине: файлы, шелл, git. Значит, сам бинарник должен быть предсказуемым, без сюрпризов. У Claude Code сюрприз есть: он незаметно помечает часть запросов. Судя ...

Claude CodeAnthropicстеганографияреверс-инжинирингсистемный промпт

Red teamers turned Claude Desktop into a double agent to do their evil bidding

The Register · The Register · 2026-07-01 17:00 UTC

People trust their AI assistants and it's easy to abuse this trust

security

Команда «Войны с фейками» нашла очередной сайт, посвященный дефициту бензина, после блокировки страницы, созданной ЦИПсО. Внести данные на н…

СОЛОВЬЁВ · СОЛОВЬЁВ · 2026-07-01 16:53 UTC

Команда «Войны с фейками» нашла очередной сайт, посвященный дефициту бензина, после блокировки страницы, созданной ЦИПсО. Внести данные на нем может кто угодно, а АЗС с бензином помечают как закрытые....

Fake “Google Notes” Browser Extension Caught Swapping Crypto Wallet Addresses

HackRead · Waqas · 2026-07-01 16:51 UTC

McAfee says a Google Notes browser extension is replacing copied crypto payment details, putting wallet transfers at risk for Chrome, Brave, and Microsoft Edge users.

SecurityMalwareScams and FraudBrowserChromium

[转帖]HTTP Debugger Pro 10.4

Kanxue · 2026-07-01 16:31 UTC

[转帖]HTTP Debugger Pro 10.4

Chinese Security

Ataque de fuerza bruta masivo contra CLI de Azure

Segu-Info · SeguInfo · 2026-07-01 16:31 UTC

Investigadores de ciberseguridad de Huntress han alertado sobre un ataque masivo, continuo y automatizado de fuerza bruta contra contraseñas dirigido a la interfaz de línea de comandos (CLI) de Az...

Ransomware - Politico

Politico Cyber via Google News · Politico Cyber via Google News · 2026-07-01 16:29 UTC

Ransomware Politico

NASA inspector general suggests Boeing's Starliner will now be a decade late

Ars Technica Security · Stephen Clark · 2026-07-01 16:11 UTC

Starliner's certification may be delayed to 2027, 10 years later than Boeing's original schedule.

SecuritySpaceBoeingcommercial crewhuman spaceflight

Microsoft named a leader in the Frost Radar for cloud and application runtime security

Microsoft Security · Microsoft Security Team · 2026-07-01 16:00 UTC

Frost & Sullivan names Microsoft a leader as cloud and application security converge into unified, runtime risk reduction. The post Microsoft named a leader in the Frost Radar for cloud and appli...

Anthropic Added a New Security Measure to Get Back Into the Trump Administration’s Good Graces

Feed: All Latest · Hugo Lowell · 2026-07-01 16:00 UTC

The government has removed restrictions on Anthropic’s Fable 5 and Mythos 5 AI models—but there were strings attached.

PoliticsPolitics / Politics News

SecWiki News 2026-07-01 Review

SecWiki · SecWiki · 2026-07-01 15:58 UTC

今日暂未更新资讯~更多最新文章,请访问SecWiki

How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secrets

AWS Security · Derik Wang · 2026-07-01 15:56 UTC

If you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two new features of the AWS...

Advanced (300)AWS Secrets ManagerSecurity, Identity, & ComplianceTechnical How-toSecurity Blog

Глава Huntress признал, что сотрудница компании предупредила хакера о расследовании

Xakep · Мария Нефёдова · 2026-07-01 15:30 UTC

Глава ИБ-компании Huntress Кайл Ханслован (Kyle Hanslovan) подтвердил, что сотрудница компании проинформировала оператора шифровальщика о том, что к нему проявляют интерес правоохранительные органы. В...

НовостиHuntressВымогательский софтИнсайдерИнформационная безопасность

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

The Hacker News · Swati Khandelwal · 2026-07-01 15:26 UTC

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF dis...

5 Myths About AI in the SOC Security Teams Need to Rethink

Rapid7 · Emma Burdett · 2026-07-01 15:26 UTC

AI is now part of almost every conversation in security operations. Most teams are already investing in it, experimenting with it, or trying to understand where it fits. The challenge is not whether t...

Events

Как не нарваться на prompt-injection или зачем нам проверять скиллы?

Habr InfoSec · ZergsLaw · 2026-07-01 15:26 UTC

В прошлой статье говорили про использования LLM хакерами, и обещал как раз продолжение, как защищить свое рабочее пространство, ну в общем, к делу :)Когда последний раз вы проверяли библиотеку на уязв...

llmsecurityaiagentsagents.md

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

The Hacker News · Ravie Lakshmanan · 2026-07-01 15:25 UTC

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities ...

'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat

Dark Reading · Elizabeth Montalbano · 2026-07-01 15:17 UTC

LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.

How a Team of Marines Built the Corps’ FPV Drone Training Program from a Cold Start

War on the Rocks · War on the Rocks · 2026-07-01 15:15 UTC

Last fall, the U.S. Marine Corps had virtually no first-person view attack drones. That’s changed quickly. This episode is about how a team of marines at Weapons Training Battalion at Quantico w...

PodcastsWar On The Rocks

收集MooK的多Agent+Skills+SpringAI构建自主决策智能体

52Pojie · xkp · 2026-07-01 15:06 UTC
『悬赏问答区』

ФБР и Агентство по кибербезопасности и защите инфраструктуры США (CISA) обновили предупреждение о продолжающихся фишинговых атаках на пользо…

Канал Форт · Канал Форт · 2026-07-01 15:03 UTC

ФБР и Агентство по кибербезопасности и защите инфраструктуры США (CISA) обновили предупреждение о продолжающихся фишинговых атаках на пользователей мессенджеров. Согласно данным ведомств, самая постра...

AI use in cybersecurity is on the rise — and so is burnout

ReversingLabs · John P. Mello Jr. · 2026-07-01 15:00 UTC

The Life and Times of Cybersecurity Professionals study highlights a trend that has accelerated as cyber has become more complex.

Security Operations

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

The Hacker News · Swati Khandelwal · 2026-07-01 14:42 UTC

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall fo...

Полицейскими пресечена деятельность саратовца, подозреваемого в неправомерном доступе к компьютерной информации и продаже учетных записей се…

МВД МЕДИА · МВД МЕДИА · 2026-07-01 14:35 UTC

Полицейскими пресечена деятельность саратовца, подозреваемого в неправомерном доступе к компьютерной информации и продаже учетных записей сетевых сервисов Оперативниками Управления по борьбе с против...

Fileless Malware Abuses Google Blogspot to Deploy Infostealer in Memory

Infosecurity Magazine · Infosecurity Magazine · 2026-07-01 14:30 UTC

Securonix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memory

Treasury Sanctions Brazilian Criminal Network Exploiting U.S. Financial System to Launder Drug Proceeds - U.S. Department of the Treasury (.gov)

Treasury OFAC via Google News · Treasury OFAC via Google News · 2026-07-01 14:30 UTC

Treasury Sanctions Brazilian Criminal Network Exploiting U.S. Financial System to Launder Drug Proceeds U.S. Department of the Treasury (.gov)

[求助]有没有ACE-IDS64的分析?

Kanxue · 2026-07-01 14:25 UTC

[求助]有没有ACE-IDS64的分析?

Chinese Security

Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally

HackRead · Waqas · 2026-07-01 14:21 UTC

Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat.

SecurityCyber CrimeMalwareScams and FraudCyber Attack

Защита от ransomware 2026: полный разбор тактик, Recovery Denial и оборона backup-инфраструктуры

Codeby · Сергей Попов · 2026-07-01 14:20 UTC

Turning Indicators into Intelligence in OpenCTI with Criminal IP

HackRead · CyberNewswire · 2026-07-01 14:00 UTC

Torrance, California, USA, 1st July 2026, CyberNewswire

Press Release

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

The Hacker News · Ravie Lakshmanan · 2026-07-01 13:56 UTC

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadia...

Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs

Security Affairs · Pierluigi Paganini · 2026-07-01 13:55 UTC

81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azu...

UncategorizedAzure CLICybercrimeHackinghacking news

Western District of Pennsylvania | DuBois Resident Indicted on Social Security Fraud Charges - Department of Justice (.gov)

DOJ via Google News · DOJ via Google News · 2026-07-01 13:47 UTC

Western District of Pennsylvania | DuBois Resident Indicted on Social Security Fraud Charges Department of Justice (.gov)

Brazilian Banking Trojan Ousaban Targets Spain and Portugal

Infosecurity Magazine · Infosecurity Magazine · 2026-07-01 13:45 UTC

FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing

Qualys Enterprise TruRisk™ Platform Connectors 2.18 API Notification

Qualys Notifications · Anushka Damle · 2026-07-01 13:37 UTC

A new release of Connector APIs (Release 2.18, June 2026) introduces multiple new APIs for service accounts, target accounts, scan logs, and audit trails. This notification summarizes the newly added ...

APINotificationsapiConnectorsenterprise trurisk platform

US lifting export control restrictions on Anthropic’s Mythos, Fable

CyberScoop · djohnson · 2026-07-01 13:36 UTC

The company and the Commerce Department say they have reached an agreement that will see the AI models released publicly with new guardrails and classifiers. The post US lifting export control restric...

AICybersecurityGeopoliticsGovernmentPolicy

Inbox на изи. Как спамеры пробивают любые фильтры

Xakep · ret0x2A · 2026-07-01 13:30 UTC

Для подписчиковПопасть в папку «Входящие» — мечта каждого спамера и настоящее злодейское искусство. Но иногда в корпорациях сами подкидывают возможность обойти все фильтры и средства защиты. Сегодня п...

ПриватностьInboxантиспамВыбор редактораСпам

AI Engagement Models: How CEOs and CIOs Choose the Right AI Strategy Without Wasting Millions

ISHIR | Custom AI Software Development Dallas Fort-Worth Texas · Eric Soon · 2026-07-01 13:28 UTC

AI Accelerator vs AI Delivery Pods vs Build Operate Transfer (BOT): Which AI Engagement Model Fits Your Business? How do we turn AI into measurable...Read More The post AI Engagement Models: How CEOs ...

Data & Artificial Intelligence (AI)

Канальный уровень глазами атакующего: ARP Spoofing, прыжки по VLAN и игры с коммутатором

Habr InfoSec · k1ngk0ng · 2026-07-01 13:25 UTC

Большинство механизмов канального уровня создавались прежде всего для обеспечения связности, масштабируемости и удобства администрирования сети. Безопасность зачастую была не основной целью их разрабо...

канальный уровеньсетевая инфраструктураинформационная безопасность

[原创]某银行 App 对抗实录

Kanxue · 2026-07-01 13:20 UTC

[原创]某银行 App 对抗实录

Chinese Security

Russia 80% adapted to external challenges — Novak - tass.com

TASS Cyber via Google News · TASS Cyber via Google News · 2026-07-01 13:18 UTC

Russia 80% adapted to external challenges — Novak tass.com

US lifts export controls on Anthropic’s frontier cybersecurity AI models

The Record · The Record · 2026-07-01 13:16 UTC

Anthropic said export controls on certain models had been lifted after the company came to a series of agreements with the government.

CybercrimeGovernmentIndustryNewsTechnology

Japanese insurer, brewer, manufacturer and telecom disclose cyber breaches

The Record · The Record · 2026-07-01 13:10 UTC

Aflac's Tokyo arm and brewer Sapporo are among the major Japanese companies to recently notify the public about data breaches.

IndustryNewsCybercrime

The UK's “Special Relationship” with China's Defense-Linked Universities

Natto Thoughts · Eugenio Benincasa · 2026-07-01 13:03 UTC

UK–China university cyber partnerships involve Chinese institutions deeply embedded in China’s defense research system, creating structural risks beyond UK safeguards.

The Autonomous SOC, Revisited: What 18 Months on the Road Has Taught Us

SentinelOne · Gregor Stewart · 2026-07-01 13:00 UTC

Explore SentinelOne's Autonomous SOC maturity model to map your journey toward AI autonomy through strict governance.

Companyagentic socAI SOCautonomous SOCautonomy

Motorola Phones Now Have a Built-In Travel eSIM for Mobile Data Outside the US

Feed: All Latest · Julian Chokkattu · 2026-07-01 13:00 UTC

Available in select markets thanks to a partnership with Gigs, Motorola phone owners have one less hurdle to clear when signing up for a data-only eSIM before traveling abroad.

GearGear / Gear News and EventsGear / Products / Phones

Safe Events Start With Threat Intel and Digital Security

Dark Reading · Olga Polishchuk · 2026-07-01 13:00 UTC

Planning ahead to defend against cyber threats is the work that keeps events uneventful.

👮‍♂️ В Кабардино-Балкарии перед судом предстанет лжеюристка, обманувшая 48 клиентов на 4,2 млн рублей

МВД МЕДИА · МВД МЕДИА · 2026-07-01 12:59 UTC

👮‍♂️ В Кабардино-Балкарии перед судом предстанет лжеюристка, обманувшая 48 клиентов на 4,2 млн рублей Фигурантка разместила на одном из сайтов объявлений, а также в мессенджерах информацию об оказан...

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

The Hacker News · Ravie Lakshmanan · 2026-07-01 12:59 UTC

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capabili...

BioShocking: when “gaming” AI agents is no longer a game

Malwarebytes Labs · Malwarebytes Labs · 2026-07-01 12:50 UTC

Researchers warned AI vendors about a proof-of-concept called BioShiocking that tricks agents by gamifying the outcome.

AINews BioShocking gamifying goal manipulation

DEW #161 - Attack Paths Outside the Critical Path, GuardDog 3.0, Detection Chokepoints & Infosec drama

Detection Engineering Weekly · Detection Engineering Weekly · 2026-07-01 12:43 UTC

pardon my breach but I forgot to deploy MFA again

12 лучших практик микросервисов в 2026 году

Департамент Разработки · Департамент Разработки · 2026-07-01 12:41 UTC

12 лучших практик микросервисов в 2026 году Появилась актуальная подборка Top Microservices Best Practices 2026 Разбирают: Database per service Event-driven коммуникацию Observability и distributed...

119 расширений для Edge скрывали малварь в картинках и шрифтах

Xakep · Мария Нефёдова · 2026-07-01 12:30 UTC

Специалисты Microsoft предупредили о вредоносной кампании StegoAd, операторы которой распространяли малварь через официальный магазин расширений Edge. Малварь скрывалась внутри обычных изображений и ф...

НовостиEdgeMalwareMicrosoftStegoAd

Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection

HackRead · CyberNewswire · 2026-07-01 12:00 UTC

Frankfurt am Main, Deutschland, 1st July 2026, CyberNewswire

Press Release

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Advisories · CISA · 2026-07-01 12:00 UTC

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untr...

🔨 В Ульяновске ожидают суда мошенники, пользовавшиеся уязвимостью в системе банка для хищения денег

МВД МЕДИА · МВД МЕДИА · 2026-07-01 11:59 UTC

🔨 В Ульяновске ожидают суда мошенники, пользовавшиеся уязвимостью в системе банка для хищения денег Злоумышленники случайно узнали об уязвимости в программном обеспечении банка, которая позволяла сд...

Netzilo adds runtime governance for AI agents across major platforms

Help Net Security · Industry News · 2026-07-01 11:55 UTC

Netzilo has announced expanded AI agent governance and runtime enforcement capabilities for Amazon Bedrock AgentCore and other major AI agent harnesses. As enterprises move AI agents from experimentat...

Industry news

Directorate-General OC -- Operative Cyber Security - Bundesamt für Sicherheit in der Informationstechnik

German BSI via Google News · German BSI via Google News · 2026-07-01 11:48 UTC

Directorate-General OC -- Operative Cyber Security Bundesamt für Sicherheit in der Informationstechnik

Chrome needs another whopper update to fix 382 security bugs

Malwarebytes Labs · Malwarebytes Labs · 2026-07-01 11:40 UTC

Google's released a huge update of 382 security fixes, 15 of which were rated as critical. So, it's time to update again!

BugsNews

Dawnguard launches platform to automate secure cloud architecture

Help Net Security · Industry News · 2026-07-01 11:40 UTC

Dawnguard announced the public launch of its security architecture automation platform, making it available to organizations looking to design, build, and operate secure cloud-native systems from day ...

Industry news

漏洞分析 | LiteLLM Proxy 预认证 SQL 注入 (CVE-2026-42208)

FreeBuf · FreeBuf · 2026-07-01 11:33 UTC

攻击者无需任何有效凭据,仅通过发送构造的 `Authorization` 头即可触发注入,读取甚至篡改代理数据库中的所有数据,包括全部 LLM 提供商的 API Key。

Web安全

2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience

The Hacker News · Unknown · 2026-07-01 11:30 UTC

Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment conf...

Intruder offers Free security plan for lean IT and security teams

Help Net Security · Industry News · 2026-07-01 11:28 UTC

Intruder has announced the launch of its Free plan, providing security, IT, and DevOps teams ongoing access to professional-grade vulnerability management, cloud security, and attack surface managemen...

Industry newsIntruder

各位大佬这个怎么回事

52Pojie · 断桥隔爱 · 2026-07-01 11:28 UTC

062453EB 8D85 10FEFFFF lea eax,dword ptr ss:[ebp-0x1F0] 062453F1 E8 C228FEFF call SSMisD_2.06227CB8 062453F6 8B85 10FEFFFF mov eax,dword ptr ss:[ebp-0x1F0] ; SSMisD_2.05A074D7...

『脱壳破解区』

Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities

SecurityWeek · Ionut Arghire · 2026-07-01 11:27 UTC

Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared ...

VulnerabilitiesAdobeCVE-2026-48286

CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

Security Affairs · Pierluigi Paganini · 2026-07-01 11:26 UTC

CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept...

Breaking NewsCyber CrimeMalwareSecurityBlueHammer

Hack The Box для начинающих: от регистрации до первого root-флага

Codeby · Сергей Попов · 2026-07-01 11:26 UTC

Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack

SecurityWeek · Ionut Arghire · 2026-07-01 11:20 UTC

Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches Net...

Network SecurityVulnerabilitiesCitrixFeatured

AirDrop and Quick Share Flaws Allow Attackers to Crash Nearby Devices

CISO Whisperer · John Kevin Hao · 2026-07-01 11:17 UTC

What happened Security researchers disclosed multiple vulnerabilities affecting Apple AirDrop and Google and Samsung Quick Share that could allow attackers within wireless range to crash or disrupt ne...

Cyber threats and incidentsAirdropQuick ShareVulnerability

Lectric XPress2 Review (2026): A Heavy-Duty but Nimble Ebike

Feed: All Latest · Michael Venutolo-Mantovani · 2026-07-01 11:02 UTC

This hefty but nimble and highly customizable ebike makes the journey as important as the destination. Get where you want, and have fun along the way.

GearGear / ReviewsGear / Products / Outdoor

The Gentlemen Ransomware Targets Large Corporations and Critical Infrastructure Worldwide

GBHackers · GBHackers · 2026-07-01 11:01 UTC

The Gentlemen ransomware group has emerged in 2026 as a highly adaptive and technically sophisticated ransomware-as-a-service (RaaS) operation targeting large corporations and critical infrastructure ...

cyber securityCyber Security NewsRansomware

Anthropic's Fable 5 and Mythos 5 Are Back with New Security Guardrails

Infosecurity Magazine · Infosecurity Magazine · 2026-07-01 11:00 UTC

The new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases”

Drive Slower, Save Money on Gas. Thanks, Physics!

Feed: All Latest · Rhett Allain · 2026-07-01 11:00 UTC

Planning a Fourth of July getaway? Use less gas—and cut your emissions—by easing up on the pedal.

ScienceScience / Physics and Math

Vulnerabilities in MyComplianceOffice MCO software

CERT Poland · CERT Polska · 2026-07-01 10:55 UTC

CERT Polska has received a report about 8 vulnerabilities (from CVE-2026-53902 to CVE-2026-53909) found in MyComplianceOffice MCO software.

CVEvulnerabilitywarningcve

Papa Johns Surveillance-Based Advertising

Bruce Schneier · Bruce Schneier · 2026-07-01 10:53 UTC

Papa Johns is spying on people’s buying activities to predict when they are low on food: The pizza chain recently tapped NBCUniversal, Instacart and the dentsu-owned media agency Carat for help ...

Una oleada de password spraying contra Azure CLI supera 81 millones de intentos y compromete al menos 78 cuentas

Hispasec · Hispasec · 2026-07-01 10:52 UTC

Una campaña masiva de password spraying golpeó el inicio de sesión de Azure CLI con más de 81 millones de intentos en dos semanas. El saldo confirmado es de al menos 78 cuentas comprometidas en 64 org...

Generalciberseguridad

CitrixBleed: seis vulnerabilidades de NetScaler permiten la lectura de archivos y ataques de denegación de servicio

Segu-Info · SeguInfo · 2026-07-01 10:42 UTC

Ayer Citrix publicó actualizaciones de seguridad para solucionar múltiples fallos en NetScaler ADC (anteriormente Citrix ADC) y NetScaler Gateway (anteriormente Citrix Gateway) que podrían ser ...

Microsoft Accelerates Post-Quantum Cryptography Shift to 2029

The Hacker News · Ravie Lakshmanan · 2026-07-01 10:41 UTC

Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner ...

[原创] iOS App的商业级环境检测手段 - 基于某讯A<E Framework 详解

Kanxue · 2026-07-01 10:40 UTC

[原创] iOS App的商业级环境检测手段 - 基于某讯A<E Framework 详解

Chinese Security

Claude Code被曝“暗中识别中国用户”?隐藏检测逻辑引发热议

Kanxue · 2026-07-01 10:40 UTC

Claude Code被曝“暗中识别中国用户”?隐藏检测逻辑引发热议

Chinese Security

Обзор APEX Security — Android Package EXaminer

Habr InfoSec · Cicada0034 · 2026-07-01 10:38 UTC

Вообще, идея была автоматизировать процесс проведения анализа и извлечения всей необходимой информации из вредоносного APK файла. Ряд программ уже существует в компьютерном мире, однако я понял для се...

APKВредоносВредоносыPythonKotlin

Обнаружен новый инструментарий для компрометации корпоративной почты в Gmail

Xakep · Мария Нефёдова · 2026-07-01 10:30 UTC

Эксперты «Лаборатории Касперского» обнаружили новый инструмент группировки ToddyCat, который позволяет незаметно получать доступ к корпоративной почте Gmail через Google API. Малварь под названием Umb...

НовостиGmailGoogleOAuthToddyCat

Just About Anyone Can Sell You GLP-1s Online Now

Feed: All Latest · Kate Knibbs · 2026-07-01 10:30 UTC

Welcome to the “Temu experience of telehealth,” where everyone from Grindr to MAGA influencers can open a virtual clinic selling weight loss drugs and more.

BusinessBusiness / Startups

RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow

Security Affairs · Pierluigi Paganini · 2026-07-01 10:25 UTC

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin&#8217;s XLab ...

Breaking NewsMalwareSecuritybotnetCybercrime

RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow

Security Affairs · Pierluigi Paganini · 2026-07-01 10:25 UTC

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin&#8217;s XLab ...

Breaking NewsMalwareSecuritybotnetCybercrime

How I Found an Email Verification Bypass on an AI Freelance Platform

InfoSec Write-ups · Hangga Aji Sayekti · 2026-07-01 10:20 UTC
email-verification-bypasshackingweb-securityapplication-securitybug-bounty

当AI跑进容器:全链路容器安全检测与智能运营实践

FreeBuf · FreeBuf · 2026-07-01 10:20 UTC

本文在宿主机层面,从容器的IaC(基础设施即代码)、镜像到运行时,全方位探讨容器安全检测的整体思路

系统安全

Hack Smarter — City Council (Active Directory)

InfoSec Write-ups · rootshellace · 2026-07-01 10:19 UTC
privilege-escalationcybersecurityactive-directorybloodhoundhack-smarter

Massive Password Spray Campaign Targets Azure CLI

CISO Whisperer · John Kevin Hao · 2026-07-01 10:18 UTC

What happened A massive password spray campaign is targeting Microsoft 365 environments through Azure CLI authentication. Huntress warned that threat actors made more than 81 million login attempts ag...

Cyber threats and incidentsAzureMicrosoftPassword

Why Being in the Docker Group Is a Backdoor to Your Whole System

InfoSec Write-ups · byte&borrow · 2026-07-01 10:17 UTC

If you&#x2019;ve worked with Docker on Linux, you&#x2019;ve probably encountered this command at least once:Continue reading on InfoSec Write-ups »

devopslinuxdockercybersecurity

Is the Android Lock Screen an Illusion? A Critical Logical Bypass Discovered in the Gemini App

InfoSec Write-ups · Mustafa Salih Berk · 2026-07-01 10:17 UTC
securitybug-bountycybersecuritybugbounty-writeupvulnerability

ChatGPT: Guardrail Bypass to LFI Vulnerability POC

InfoSec Write-ups · zer0dac · 2026-07-01 10:16 UTC
ai-bypasslfi-vulnerabilityaiguardrailsai-securityapplication-security

Auth Bypass is it?

InfoSec Write-ups · Devansh Patel · 2026-07-01 10:16 UTC

Target, domains, API keys, bearer tokens, SSO IDs, and organisation names are redacted. This writeup is for educational purposes and&#x2026;Continue reading on InfoSec Write-ups »

bug-bountybugbounty-writeupbug-bounty-hunterbug-bounty-writeupbug-bounty-tips

LLMborghini: TryHackMe AI Security Challenge

InfoSec Write-ups · Raymond Ebonine · 2026-07-01 10:16 UTC

Exploring Prompt Injection and Jailbreaking Through a Practical AI Security ChallengeContinue reading on InfoSec Write-ups »

tryhackmellmaicybersecurityartificial-intelligence

Asymmetric Signing, Machine Fingerprinting, and Offline Grace Periods: Building a License System…

InfoSec Write-ups · freerave · 2026-07-01 10:14 UTC
reverse-engineeringpythonsoftware-securitylicensingcryptography

Beyond Canarytokens: Building a DIY Document Tripwire with Passive OS Fingerprinting

InfoSec Write-ups · Anezaneo · 2026-07-01 10:14 UTC
cybersecurityredteam-toolpentestingthreat-intelligenceinfosec

Cryptanalysis: Recovering an Affine Encryption Scheme Using GF(2) Linear Algebra

InfoSec Write-ups · Muhammad Ashraf Ali · 2026-07-01 10:14 UTC
hackingreverse-engineeringcryptographycryptanalysisencryption

TraceForge: A Browser-First Mobile Pentesting Lab for Static, Dynamic, and AI-Assisted Security…

InfoSec Write-ups · Ankits_pandey07 · 2026-07-01 10:13 UTC
android-pentestingios-securitymobile-securityfridabug-bounty

Road Ready: CISOs to Watch in Automotive and Transportation

CISO Whisperer · John Kevin Hao · 2026-07-01 10:12 UTC

The automotive and transportation sector is undergoing a digital transformation that has outpaced its security maturity in many organizations. Connected vehicles, digital supply chains, e-commerce par...

Founders, Analysts & Industry VoicesAutomotiveCISOs to WatchTransporation

Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique

Check Point Research · stcpresearch · 2026-07-01 10:05 UTC

Research by:&#160;Alexey Bukhteyev Key Takeaways Introduction Over the past several years, large language models have reshaped software development, and malware development has followed the same path....

AI ResearchCheck Point Research Publications

Adobe: aggiornamenti di sicurezza - Agenzia per la Cybersicurezza Nazionale - ACN

Italy ACN via Google News · Italy ACN via Google News · 2026-07-01 10:04 UTC

Adobe: aggiornamenti di sicurezza Agenzia per la Cybersicurezza Nazionale - ACN

Martin Lee: Running through the Arctic (and the threat landscape)

Cisco Talos Blog · Amy Ciminnisi · 2026-07-01 10:00 UTC

Ever wonder how someone goes from studying human viruses to leading cybersecurity teams? In this Humans of Talos, we’re joined by Martin Lee, EMEA Lead, to talk about his journey into the industry.

Humans of Talos

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

Securelist · Denis Kulik · 2026-07-01 10:00 UTC

Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection cha...

Malware TechnologiesRAT TrojanPowerShellInfrastructureThreat hunting

The ARToken phishing panel targets Microsoft 365 accounts

Help Net Security · Sinisa Markovic · 2026-07-01 10:00 UTC

Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in April 2026, addressed to t...

Don't missNewsCiscocybercrimeMicrosoft 365

ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365

Cisco Talos Blog · Michael Kelley · 2026-07-01 10:00 UTC

Talos has identified "ARToken," a phishing-as-a-service platform that targets Microsoft 365. The ARToken panel exposes 80+ API endpoints for device code phishing, Primary Refresh Token persistence, em...

Threat AdvisoryLanding Page Top StoryTop Story

Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors

SecurityWeek · Joshua Goldfarb · 2026-07-01 10:00 UTC

From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post Frontier AI: Six Quest...

Artificial IntelligenceAIFrontier AI

This phishing kit looks more like BEC-as-a-service

CyberScoop · Tim Starks · 2026-07-01 10:00 UTC

Cisco Talos’ research on ARToken builds on what’s known about the related EvilTokens phishing-as-a-service. The post This phishing kit looks more like BEC-as-a-service appeared first on CyberScoop.

CybercrimeResearchThreatsARTokenbusiness email compromise

Microsoft Accelerates Quantum-Safe Push with New Timeline

Infosecurity Magazine · Infosecurity Magazine · 2026-07-01 10:00 UTC

Microsoft has brought forward its timelines for transitioning to post-quantum cryptography (PQC)

Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival

Wired Security · Andy Greenberg · 2026-07-01 10:00 UTC

A researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every festival from Lollapalooza to Bonnaroo—and freely issue any ticket he chose.

SecuritySecurity / Cyberattacks and Hacks

🤲 Группа «криминальных авторитетов» задержана в Тульской области за вымогательства денег

МВД МЕДИА · МВД МЕДИА · 2026-07-01 09:59 UTC

🤲 Группа «криминальных авторитетов» задержана в Тульской области за вымогательства денег Осенью 2024 года в Ефремовском районе злоумышленники заблокировали путь автомобилю под управлением 35-летнего...

从HTTP到HTTPS:数据从明文展现到加密护航的进化之路

FreeBuf · FreeBuf · 2026-07-01 09:59 UTC

HTTP与HTTPS间的差别虽然细微,却决定了一个企业的网站是在互联网环境中,到底是“裸奔”,还是穿上了“安全甲胄”。

资讯

Warning: Critical unauthenticated arbitrary file upload vulnerability CVE-2026-56290 affects the Joomla Page Builder CK extension and lead to RCE, Patch Immediately! - CCB Belgium

Belgium CCB via Google News · Belgium CCB via Google News · 2026-07-01 09:54 UTC

Warning: Critical unauthenticated arbitrary file upload vulnerability CVE-2026-56290 affects the Joomla Page Builder CK extension and lead to RCE, Patch Immediately! CCB Belgium

英语四千单词百日通 第2版+30CB

52Pojie · ireadfree · 2026-07-01 09:54 UTC
『悬赏问答区』

内网-隧道技术-对付不出网之ICMP&DNS&地狱模式

T00ls · 2026-07-01 09:50 UTC

内网-隧道技术-对付不出网之ICMP&DNS&地狱模式

Chinese Security

PKI体系主要功能是什么?

FreeBuf · FreeBuf · 2026-07-01 09:44 UTC

PKI(公钥基础设施)就是这些问题的基础设施级答案。它是现代互联网安全、电子商务、电子政务的基石,也是数字信任体系的核心支柱。

资讯

Claude Fable 5 вышел снова

Департамент Разработки · Департамент Разработки · 2026-07-01 09:33 UTC

Claude Fable 5 вышел снова Самая мощная модель для кодинга снова онлайн, но теперь она может молча забрать ваш запрос и скормить его старой версии. Сегодня Anthropic глобально разбанили доступ к Fab...

国际认可 | 绿盟科技获评为威胁情报知名供应商

NSFOCUS · NSFOCUS · 2026-07-01 09:32 UTC

近日,国际咨询机构Forrester发布了威胁情报领域研究报告 The External Threat IntRead More

安全分享

З початку повномасштабної війни СБУ нейтралізувала понад 16 тисяч російських кібератак та кіберінцидентів

Служба безпеки України · Служба безпеки України · 2026-07-01 09:30 UTC

З початку повномасштабної війни СБУ нейтралізувала понад 16 тисяч російських кібератак та кіберінцидентів Від початку повномасштабного вторгнення фахівці Департаменту кібербезпеки СБУ нейтралізували ...

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari

SecurityWeek · Ionut Arghire · 2026-07-01 09:30 UTC

The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Acro...

VulnerabilitiesApplemacOSPatchWebKit

Cyber Insurers Focus on Speed as AI Rewrites Security

Google News · WSJ Cyber · 2026-07-01 09:30 UTC
WSJ Cyber

A Guided Tour of Donald Trump’s Renovated Washington, DC

Feed: All Latest · Hugo Lowell · 2026-07-01 09:30 UTC

Trump has remade the nation’s capitol in his own image. Ahead of the Fourth of July, WIRED guides you through the dizzying effects of DC’s makeover.

Politics

RedLine Infostealer Thread Reveals Hidden Maritime Phishing and BEC Infrastructure

GBHackers · GBHackers · 2026-07-01 09:23 UTC

A routine threat-feed alert for a RedLine Stealer command-and-control (C2) IP morphed into a full-scale pivot investigation that exposed a tailored maritime spear‑phishing and business email compromis...

cyber securityCyber Security NewsPhishing

电气一次学习视频教程

52Pojie · GL20181103 · 2026-07-01 09:23 UTC
『悬赏问答区』

[原创]企业微信隐藏的配置:屏蔽AI+IM窗口

Kanxue · 2026-07-01 09:20 UTC

[原创]企业微信隐藏的配置:屏蔽AI+IM窗口

Chinese Security

OpenMatter Network Introduces Verifiable Trust Layer for Secure Collaboration and AI Agents

GBHackers · GBHackers · 2026-07-01 09:18 UTC

Melbourne, Florida, June 30th, 2026, CyberNewswire OpenMatter Network today announced the launch of its cryptographically verifiable platform for secure collaboration and AI governance, built on a sim...

Press Release

AI-driven cyberattacks emerge as top risk for banks and NBFCs, says RBI

Google News · Financial Security · 2026-07-01 09:16 UTC
Financial Security

Appetite for Security: CISOs to Watch in Food and Beverage

CISO Whisperer · John Kevin Hao · 2026-07-01 09:14 UTC

Food and beverage companies face a security challenge that combines the operational technology risks of manufacturing with the consumer data obligations of retail and the supply chain complexity of gl...

Founders, Analysts & Industry VoicesCISOs to WatchFood & BeverageFood Production

Silent Swap Malware Uses Fake Browser Extension to Steal Cryptocurrency

CISO Whisperer · John Joseph Javier · 2026-07-01 09:13 UTC

What happened Researchers at McAfee Labs have uncovered an active cryptocurrency theft campaign called Silent Swap, which uses a malicious browser extension to silently replace cryptocurrency wallet a...

Cyber threats and incidentsCryptocurrencyExtensionsSilent Swap

Building more resilient CNI: what industry pen testers told us

UK NCSC · UK NCSC · 2026-07-01 09:10 UTC

Pen testers suggest what organisations can do to make their job more difficult.

ChatGPT produced graphic violent images that shocked researchers

Malwarebytes Labs · Malwarebytes Labs · 2026-07-01 09:10 UTC

AI assistants like ChatGPT are supposed to have appropriate guardrails to stop people creating harmful content. However, they don't always work.

AINews ChatGPT

DOE’s CESER steps up cyber supply chain defenses to protect critical energy infrastructure from emerging threats

Google News · Critical Infrastructure · 2026-07-01 09:06 UTC
Critical Infrastructure

TLS握手协议过程是怎么进行的?

FreeBuf · FreeBuf · 2026-07-01 09:06 UTC

TLS握手是客户端与服务器建立加密通信的核心过程,整个握手在毫秒级内完成,却涵盖了身份验证、密钥协商和加密套件确认等关键步骤。了解TLS握手原理,有助于排查连接错误、优化HTTPS性能。

资讯

Top Ransomware Protection Companies Enhancing Security

Google News · Ransomware · 2026-07-01 09:03 UTC
Ransomware

黄安达solidworks非标设计全套培训视频

52Pojie · 白馒头 · 2026-07-01 09:02 UTC
『悬赏问答区』

FCC moves to new cybersecurity rules to prevent emergency alert hijacking, modernize public warning systems

Google News · Telecom Security · 2026-07-01 09:01 UTC
Telecom Security

Insurance Giant Aflac Discloses Data Breach Impacting Millions

Infosecurity Magazine · Infosecurity Magazine · 2026-07-01 09:00 UTC

Aflac Japan has notified regulators that policy details and personal and banking information have been compromised

Pandas KeyError on .loc / .iloc: 5 Causes & Fixes (2026)

Itsourcecode.com · angel jude suarez · 2026-07-01 09:00 UTC

You called df.loc[index_label] on a DataFrame and Python raised KeyError. The label looks valid, you can even see it in df.index. Why is pandas saying it doesn&#8217;t exist? This guide ... Read more...

KeyErrordata wranglingdataframeilocindexing

📝 В Ульяновске завершено расследование хищения 1,6 млн рублей при ремонте учебного аэродрома

МВД МЕДИА · МВД МЕДИА · 2026-07-01 08:59 UTC

📝 В Ульяновске завершено расследование хищения 1,6 млн рублей при ремонте учебного аэродрома Следователем следственного отдела Ульяновского ЛО МВД России на транспорте завершено расследование уголов...

‘Every hour ransomware goes undetected drastically increases its potential blast radius’: Hackers are breaching networks and laying low for longer – and nearly half of firms don’t realize until data is stolen

Google News · ITPro · 2026-07-01 08:59 UTC
ITPro

Dawnguard Raises $6.3 Million for Security Architecture Automation Platform

SecurityWeek · Ionut Arghire · 2026-07-01 08:55 UTC

The company has publicly launched its solution to help organizations design, build, and operate secure cloud systems. The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platfo...

Cybersecurity FundingDawnguardfunding

США сняли экспортные ограничения c новейшего ИИ Anthropic

🤖 The Bell Tech · 🤖 The Bell Tech · 2026-07-01 08:54 UTC

США сняли экспортные ограничения c новейшего ИИ Anthropic НАСТОЯЩИЙ МАТЕРИАЛ (ИНФОРМАЦИЯ) ПРОИЗВЕДЕН И РАСПРОСТРАНЕН ИНОСТРАННЫМ АГЕНТОМ THE BELL ЛИБО КАСАЕТСЯ ДЕЯТЕЛЬНОСТИ ИНОСТРАННОГО АГЕНТА THE BE...

JLR hack attribution turns spotlight on Britain’s offensive cyber capability

Google News · Russia Cyber · 2026-07-01 08:50 UTC
Russia Cyber

Claude Sonnet 5 includes safeguards against dangerous cyber use

Help Net Security · Anamarija Pogorelec · 2026-07-01 08:45 UTC

Anthropic has introduced Claude Sonnet 5, the latest version of its general-purpose AI model, with improved reasoning, coding, tool use, and knowledge work capabilities. The model can make plans, use ...

Newsagentic AIAIAnthropicClaude Code

Hephaestus:迈向网络安全AI科学家

Seebug Paper · Seebug Paper · 2026-07-01 08:44 UTC

作者:Jiaqi Li, Yang Zhao, Wen Lu, Lvyang Zhang, and Lidong Zhai 原文链接:https://arxiv.org/pdf/2606.29981v1 摘要 网络攻击正在以机器速度推进;但网络安全研究本身却并非如此。现有的AI科学家系统使得端到端的研究自动化越来越可行,但它们针对的是相对稳定的科学领域。我们认为,AI原生的网络安全是一种不同类型的...

AI安全

Вышла Kali Linux 2026.2 с девятью новыми инструментами и обновлениями для NetHunter

Xakep · Мария Нефёдова · 2026-07-01 08:30 UTC

Разработчики Kali Linux выпустили второй релиз в 2026 году. В Kali Linux 2026.2 добавили девять новых инструментов, обновили ядро и вспомогательные скрипты, а также заметно доработали платформу NetHu...

НовостиKali LinuxLinuxRed TeamВзлом

Space Lasers Show How Venezuela’s Earthquakes Reshaped the Earth’s Crust

Feed: All Latest · Jorge Garay · 2026-07-01 08:30 UTC

New satellite imagery reveals how much terrain has shifted in the wake of the twin quakes.

ScienceScience / Environment

GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents

Security Affairs · Pierluigi Paganini · 2026-07-01 08:28 UTC

Researchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters. Adversa AI just published a survey, titled &#8220;GuardFall: a univers...

Artificial IntelligenceBreaking NewsHackingSecurityAI

GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents

Security Affairs · Pierluigi Paganini · 2026-07-01 08:28 UTC

Researchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters. Adversa AI just published a survey, titled &#8220;GuardFall: a univers...

Artificial IntelligenceBreaking NewsHackingSecurityAI

Как мы строили безопасную микросервисную архитектуру с Service Mesh: интеграция с базами данных и масштабированиe

Habr InfoSec · spbvalentine (Сбер) · 2026-07-01 08:24 UTC

Привет, Habr! Меня зовут Валентин, я DevOps-инженер команды Platform V Kintsugi. Мы занимаемся развитием облачного сервиса и на практике регулярно сталкиваемся как с архитектурными задачами построения...

микросервисная архитектураkintsugisynapseсбертехistio

Fluentd Security Flaws Enable Remote Code Execution, SSRF, DoS, and Credential Exposure

GBHackers · GBHackers · 2026-07-01 08:23 UTC

Fluentd, a widely used open-source data collector for unified logging, has reported several high-impact vulnerabilities that could enable attackers to achieve remote code execution (RCE), server-side ...

CVE/vulnerabilityCyber Security News

服务器问题,请教大神帮看看

52Pojie · llagang · 2026-07-01 08:17 UTC
『悬赏问答区』

深入浅出微前端-掘金

52Pojie · Lbxin · 2026-07-01 08:10 UTC
『悬赏问答区』

Делаем отказоустойчивое файловое хранилище поверх JPEG-файлов

Habr InfoSec · arabramov · 2026-07-01 08:10 UTC

Что, если хранить зашифрованный контейнер не в одном файле, а распределять между несколькими JPEG-изображениями? Причём так, чтобы потеря части изображений не приводила к потере данных. В этой статье ...

securityencryptionpython

VulnHub Momentum 2 靶机渗透实战 — 初学者的复现之路

FreeBuf · FreeBuf · 2026-07-01 08:08 UTC

每一步都需要多想一步,做完感觉对渗透的"挖信息 → 利用信息"这个循环更有体感了。

Web安全

The Cyber Interview: Chester Wisniewski, Sophos

Google News · Cyber Attacks · 2026-07-01 08:03 UTC
Cyber Attacks

Trojan Spirit, the Army’s Intelligence Backbone, Needs a Successor

War on the Rocks · War on the Rocks · 2026-07-01 08:00 UTC

In 1990, the idea that deployed commanders could access the latest intelligence from three-letter agencies in the middle of nowhere was radical. But the Army was starting to make this idea real throug...

Cogs of War

ModuleNotFoundError: No Module Named ‘langgraph’ (2026)

Itsourcecode.com · Adrian Mercurio · 2026-07-01 08:00 UTC

LangGraph is LangChain&#8217;s graph-based agent orchestration library, now the default way to build multi-agent AI systems in 2026. If you see ModuleNotFoundError: No module named &#8216;langgraph&#8...

Python ModuleNotFoundError Reference: 198+ "No module named X" Fixes (2026)ai agentslangchainlanggraphModulenotfounderror

Cursor IDE 曝出两大关键 RCE 漏洞 可实现零点击提示注入攻击

FreeBuf · FreeBuf · 2026-07-01 07:59 UTC

Cursor IDE曝两大高危RCE漏洞,可零点击攻破AI开发环境!

AI安全

New RustDuck Botnet Targets IoT Devices and Servers With Weak Passwords and RCE Exploits

GBHackers · GBHackers · 2026-07-01 07:55 UTC

A sophisticated new botnet family dubbed RustDuck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise IoT devices, routers, and enterprise servers through brute-fo...

Botnetcyber securityCyber Security NewsIoT

Simple Inventory System In PHP With Source Code

Source Code & Projects · codeprojects · 2026-07-01 07:54 UTC

Project: Simple Inventory System In PHP With Source Code Please scroll down and click on the download button to download&#160;Simple [&#8230;] The post Simple Inventory System In PHP With Source Code ...

PHP ProjectscssPHPsql

CSDN资源下载

52Pojie · tyroneding · 2026-07-01 07:54 UTC

CM0102 3968升级包 https://download.csdn.net/download/shaomilan/10937167 CM0102 3968免CD补丁 https://download.csdn.net/download/shaomilan/10937162

『悬赏问答区』

IP, браузер, TLS: три слоя, на которых палится парсер

Habr InfoSec · TUYU · 2026-07-01 07:52 UTC

С чего все началосьХотел простую вещь: отслеживать цену на пару товаров, которые ждал со скидкой. Чтобы не заходить руками каждый день, а получить уведомление, когда подешевело.Думал, это вечер работы...

парсингантиботTLS-фингерпринтингJA3JA4

«Гражданин, обновитесь»: анализ вредоносной кампании Falcon

Habr InfoSec · delvinru (Positive Technologies) · 2026-07-01 07:52 UTC

«Обновите приложение». Для большинства пользователей это привычное сообщение, а для хакеров - один из самых надежных и эффективных способ получить контроль над устройством. В этой статье разберем вред...

androidfalconsandboxобратная разработкафишинг

ToddyCat APT Automates Gmail Account Compromise With ConfuserEx-Obfuscated .NET Tool

Google News · Advanced Threats · 2026-07-01 07:46 UTC
Advanced Threats

Massive Password Spray Campaign Targeting Azure CLI

SecurityWeek · Ionut Arghire · 2026-07-01 07:46 UTC

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY. The post Massive Password Spray Campaign Targeting Azure CLI appeared first on ...

Cloud SecurityAzureAzure CLIpassword spray

百度文库代下

52Pojie · qwaszx3597768 · 2026-07-01 07:45 UTC

帮忙下载文库资料。 https://wenku.baidu.com/view/d893314fda80d4d8d15abe23482fb4daa48d1d41.html?_wkts_=1782890040403&bdQuery=2026+%E8%8B%8F%E6%95%99%E7%89%885%E5%B9%B4%E7%BA%A7%E6%9C%9F%E6%9C%AB%E8%AF%95%E5%8D%...

『悬赏问答区』

SQL核心单词查询(115词)

52Pojie · ethan789 · 2026-07-01 07:42 UTC

基于同事想要学SQL帮他整理了基础的115个常用单词 包含单词的用法(例句)、注释和释义 程序主要整理的是ANSI SQL和部分方言SQL(MS SQL、MYSQL、Oracle) 例句以ANSI SQL为主【通用】,如有方言写法会加以对应的标识 ...

『精品软件区』

Родители смогут получить выписки по счетам и вкладам своих детей с 1 июля, заявил Володин.

ТАСС · ТАСС · 2026-07-01 07:42 UTC

Родители смогут получить выписки по счетам и вкладам своих детей с 1 июля, заявил Володин. Такая мера позволит отслеживать финансовые операции и защитить детей от кибермошенников, а также тех, кто п...

Russ Vought Takes Direct Role Over U.S. Intelligence Budget Oversight

CISO Whisperer · John Kevin Hao · 2026-07-01 07:38 UTC

What happened White House budget chief Russ Vought has taken direct responsibility for overseeing classified spending plans for major U.S. intelligence agencies. Vought, who leads the Office of Manage...

Founders, Analysts & Industry VoicesCybersecurityRuss Vought

[原创]获取jni函数地址

Kanxue · 2026-07-01 07:36 UTC

[原创]获取jni函数地址

Chinese Security

Adobe patches seven max severity ColdFusion, Campaign flaws

Google News · Vulnerabilities · 2026-07-01 07:34 UTC
Vulnerabilities

The Hizballah Predicament: Why An Integrated Approach Is Necessary

War on the Rocks · War on the Rocks · 2026-07-01 07:30 UTC

What can leaders do about a transnational organization that is a militia, a political party, a social services network, and a smuggling operation at the same time &#8212; and one that has resisted var...

CommentaryIsraeli-Lebanese ConflictLebanonSecurity Cooperation

CIA Chief Highlights Major Shifts in Agency’s Technology Approach

CISO Whisperer · John Kevin Hao · 2026-07-01 07:29 UTC

What happened CIA Director John Ratcliffe said the agency is undergoing a “fundamental reshaping” of how it uses and pursues emerging technology. Speaking at the AWS Summit in Washington, D.C., Ratcli...

Founders, Analysts & Industry VoicesCIACybersecurity

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

CISO Whisperer · John Kevin Hao · 2026-07-01 07:27 UTC

What happened Threat actors are exploiting a critical Langflow vulnerability to deploy a Monero cryptocurrency miner on exposed AI application endpoints. The vulnerability is tracked as CVE-2026-33017...

Cyber threats and incidentsCryptoLangflowVulnerability

Glitch SPY RAT Abuses Android Accessibility Service for Full Device Control

GBHackers · GBHackers · 2026-07-01 07:24 UTC

An emerging Android remote-access trojan platform, tracked as Glitch SPY, that leverages a fraudulent Polish apartment-rental website to trick victims into sideloading a malicious APK. The dropper, id...

Androidcyber securityCyber Security News

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

CISO Whisperer · John Kevin Hao · 2026-07-01 07:22 UTC

What happened Microsoft warned that attackers can hijack AI agents by poisoning the descriptions of tools connected through the Model Context Protocol. The research comes from Microsoft Incident Respo...

Cyber threats and incidentsMicrosoftPoisoned MCP