相關新聞
Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint
A complex campaign allows cyberattackers to take over Windows systems by a combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.
Dark Reading
2025年03月04日 76 觀看次數
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, ...
The Hacker News
2025年02月28日 65 觀看次數
AI Tricksters Spin Up Fake DeepSeek Sites to Steal Crypto
The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to crypto currency.
Dark Reading
2025年02月26日 88 觀看次數
Beware: PayPal "New Address" feature abused to send phishing emails
An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers [...]
Bleepingcomputer
2025年02月23日 78 觀看次數
Apiiro unveils free scanner to detect malicious code merges
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. [...]
Bleepingcomputer
2025年02月21日 110 觀看次數
Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes
Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the...
The Hacker News
2025年02月20日 68 觀看次數
New FrigidStealer infostealer infects Macs via fake browser updates
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...]
Bleepingcomputer
2025年02月20日 57 觀看次數
Xerox Printer Vulnerabilities Enable Credential Capture
Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.
Dark Reading
2025年02月19日 64 觀看次數
Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. [...]
Bleepingcomputer
2025年02月18日 68 觀看次數
Google Chrome's AI-powered security feature rolls out to everyone
Google Chrome has updated the existing "Enhanced protection" feature with AI to offer "real-time" protection against dangerous websites, downloads and extensions.
Bleeping Computer
2025年02月17日 65 觀看次數
