New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events 研究人员发现了一种新型安卓银行木马Datzbro，专门针对老年人通过社交媒体活动诱导下载恶意应用。该木马可远程控制设备、窃取密码及锁屏PIN，并利用屏幕布局模拟技术进行操控。其目标包括澳大利亚等多国用户，开发者疑似中文威胁团伙。... 2025-9-30 09:20:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com datzbro facebook security download

Evolving Enterprise Defense to Secure the Modern AI Supply Chain read file error: read notes: is a directory... 2025-9-30 08:33:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com security wing governance exposure adoption

U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust read file error: read notes: is a directory... 2025-9-30 08:23:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com criminal sextortion romance suspects wen

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems 美国网络安全机构CISA将影响Linux系统Sudo工具的严重漏洞CVE-2025-32463加入已知被利用漏洞目录，该漏洞允许攻击者以root权限执行任意命令。同时新增四例被利用漏洞，并敦促相关机构在10月20日前修复。... 2025-9-30 05:41:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com exploited security injection remote kev

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations read file error: read notes: is a directory... 2025-9-29 16:36:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com software security recipe evilai

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More read file error: read notes: is a directory... 2025-9-29 12:36:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com malicious security microsoft cloud

The State of AI in the SOC 2025 - Insights from Recent Study 安全运营中心面临警报激增和人员压力，传统模式难以应对。AI从实验转为必需工具，用于分类、检测和威胁搜索，提升效率并减少疲劳。... 2025-9-29 11:30:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com security prophet leaders operational reveals

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security read file error: read notes: is a directory... 2025-9-29 08:52:0 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com phishing microsoft security payload stage

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package read file error: read notes: is a directory... 2025-9-29 08:36:0 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com mcp library developer postmark malicious

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks 中亚和南亚的电信及制造业成为PlugX新变种攻击目标。该恶意软件结合RainyDay和Turian后门技术,利用合法应用加载恶意DLL,并采用特定加密算法。研究显示其与莲花熊猫及BackdoorDiplomacy组织相关联。... 2025-9-27 12:6:0 | 阅读: 84 | 收藏 | The Hacker News - thehackernews.com plugx bookworm panda mustang

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam 网络钓鱼攻击伪装乌克兰政府机构，利用恶意SVG文件诱导受害者下载ZIP档案，部署CountLoader释放Amatera Stealer和PureMiner恶意软件。攻击者采用无文件威胁技术，目标针对乌克兰政府机构。... 2025-9-26 16:40:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com stealer phishing purerat pureminer amatera

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks 俄罗斯网络威胁组织COLDRIVER发起新一轮ClickFix攻击，利用BAITSWITCH和SIMPLEFIX恶意软件进行多阶段入侵。同时，BO Team和Bearlyfy等团伙也针对俄罗斯公司展开勒索和网络攻击活动。... 2025-9-26 12:45:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com powershell simplefix russia bearlyfy clickfix

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions read file error: read notes: is a directory... 2025-9-26 11:22:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com bas security dashboards defenses crash

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure 网络安全公司watchTowr Labs披露Fortra GoAnywhere MFT软件存在严重漏洞CVE-2025-10035（CVSS 10.0），允许无认证命令注入和远程代码执行。该漏洞自2025年9月10日起被积极利用，早于公开披露一周。攻击者利用此漏洞创建后门账户并上传恶意软件。Fortra已发布补丁修复问题。... 2025-9-26 09:22:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com goanywhere fortra watchtowr

New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module read file error: read notes: is a directory... 2025-9-26 09:9:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com xcsset clipboard xcode c2

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware read file error: read notes: is a directory... 2025-9-26 05:51:0 | 阅读: 58 | 收藏 | The Hacker News - thehackernews.com asa software security viper

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive read file error: read notes: is a directory... 2025-9-25 18:17:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com security asa rom appliances

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network 文章揭示了名为“Vane Viper”的威胁行为者长期利用恶意广告技术（malvertising）进行网络犯罪活动。该组织通过复杂的壳公司和不透明的所有权结构逃避责任，并借助受感染网站传播风险软件、间谍软件和恶意广告。其攻击手段包括滥用浏览器设置中的推送通知权限，在用户离开页面后继续展示广告。此外，“Vane Viper”与多个涉嫌欺诈的广告技术公司关联，其基础设施被用于分发多种网络威胁。... 2025-9-25 17:22:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com viper vane adtech network malicious

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection Salesforce Agentforce平台存在严重漏洞ForcedLeak（CVSS 9.4），允许攻击者通过间接提示注入窃取CRM数据。该漏洞利用Web-to-Lead功能，导致敏感信息泄露至攻击者控制的域名。Salesforce已修复并加强了URL控制机制。这凸显了AI安全治理的重要性。... 2025-9-25 15:17:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com injection malicious agentforce security salesforce

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers read file error: read notes: is a directory... 2025-9-25 13:14:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com north eset korean tropidoor contagious