Android and Windows gamers worldwide potentially affected by bug in Unity game engine Unity引擎发现重大漏洞CVE-2025-59489，影响Android、Windows等系统，可能导致恶意代码执行。已提供修复补丁。微软建议暂时卸载易受攻击的应用；Steam将阻止包含恶意参数的游戏启动。... 2025-10-6 12:31:3 | 阅读: 26 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media unity security warned software developers

Salesforce providing support to customers listed on Scattered Spider extortion site 网络犯罪团伙Scattered Spider创建数据泄露网站威胁 Salesforce，并声称通过钓鱼攻击入侵多个公司账户。受害者包括 Google 等大公司，已支付超 1 亿美元赎金。 Salesforce 否认平台被攻破，并与执法机构合作应对威胁。... 2025-10-3 20:16:0 | 阅读: 35 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media salesforce scattered spider extortion

California AG sues city for allowing out-of-state searches of license plate reader database California's state government sued the city of El Cajon and its police department, alleging illegal use of an automated license plate reader database to assist law enforcement from other states, violating state law. The case highlights concerns over privacy and data sharing, with Flock Safety's technology facing scrutiny for misuse.... 2025-10-3 19:45:57 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media police cajon bonta officers flock

Oracle links extortion campaign to bugs addressed in July patch 甲骨文公司证实其部分客户收到勒索邮件，黑客团伙Clop声称入侵其E-Business Suite系统并要求赎金以避免数据泄露。甲骨文正在调查，并建议客户应用最新补丁更新以修复潜在漏洞。... 2025-10-3 19:0:53 | 阅读: 16 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media clop extortion kaiser security

License plate reader company Flock launches new product that detects human voices Flock Safety 推出新系统 Raven 可检测枪击声和人类声音。该产品引发隐私担忧，并促使部分城市取消合作。技术误报问题也引发批评。... 2025-10-3 15:15:51 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media flock police cameras cities residents

LinkedIn sues software company allegedly scraping data from millions of profiles 领英起诉软件公司ProAPIs及其CEO Rahmat Alam涉嫌运营数百万个虚假账户，非法抓取并出售用户数据。这些数据包括用户帖子、反应和评论等隐私信息。尽管领英能快速检测到此类行为，但因对方每日创建大量虚假账户而难以完全阻止。ProAPIs还滥用领英商标推广其产品。... 2025-10-3 14:15:57 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media lawsuit proapis scrape scraped software

Cybercriminals are trying to extort executives with data allegedly stolen through Oracle tool 黑客声称通过甲骨文工具窃取数据，威胁企业高管支付赎金以避免泄露。该活动与Clop勒索团伙相关，涉及多个组织。... 2025-10-2 17:15:58 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media clop mandiant moveit gtig

Dutch court rules Meta violated European law by pushing users to profiled feeds 荷兰法官裁定 Meta 因基于用户个人数据定制推荐内容违反欧洲《数字服务法案》，要求其两周内整改，否则将面临每日 10 万欧元罚款。该决定回应了荷兰非营利组织 Bits of Freedom 的诉讼，指控 Meta 控制用户新闻获取。法官强调用户应拥有真正的自主权和选择权。Meta 表示将上诉并称已采取措施遵守 DSA。... 2025-10-2 17:1:2 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media freedom profiled dsa feeds ruling

European parliamentarians implore EU leadership to stop funding spyware 欧洲议会议员质疑欧盟为何资助间谍软件公司，指出意大利国有银行和欧盟国防基金等机构向相关企业拨款。调查发现，这些公司的技术涉嫌用于非法监视记者、人权捍卫者及政界人士。议员们呼吁提高资金分配的透明度与问责制，强调此类行为可能侵蚀民主与基本权利。... 2025-10-2 16:30:55 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media european spyware cy4gate democracy parliament

Japanese brewer Asahi delays product launches, halts deliveries after cyberattack 日本啤酒巨头朝日集团遭遇网络攻击致业务中断，大部分工厂停工，物流瘫痪引发啤酒短缺担忧。新产品发布推迟，公司怀疑遭勒索软件攻击但未泄露数据。股价下跌近3%，海外业务未受影响。... 2025-10-2 13:46:9 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media asahi japan beverage ransomware monday

Georgia Tech settles with DOJ over allegations of lax cybersecurity on federal projects 佐治亚理工学院的研究公司因被指控违反与美国空军和国防部合同中的网络安全要求而支付87.5万美元和解。前员工提起诉讼并获得部分赔偿金。学校否认指控并强调其对网络安全的承诺。案件涉及未安装和更新防病毒软件等问题。... 2025-10-2 12:1:9 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media georgia antonakakis lawsuit justice

Researchers uncover spyware targeting messaging app users in the UAE 研究人员发现两款伪装成Signal和ToTok的间谍软件ProSpy和ToSpy，通过虚假网站和应用商店传播，在阿联酋进行针对性攻击，窃取敏感数据并持续运行。... 2025-10-2 09:15:56 | 阅读: 16 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media eset spyware tospy prospy uae

Millions impacted by data breaches at insurance giant, auto dealership software firm 两家公司披露了数据泄露事件的细节，确认数百万用户的敏感信息在今年夏季的安全事件中被暴露。Allianz Life保险公司在7月16日有149万名客户的信息被黑客通过云系统获取，包括姓名、地址、出生日期和社会安全号码。Motility软件公司在8月19日遭受勒索软件攻击，导致76.6万人的信息泄露。Scattered Spider和Pear勒索团伙分别对这两起事件负责。... 2025-10-2 01:0:58 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ransomware reynolds motility software security

1.2 million people had information stolen during cyberattack on WestJet 加拿大第二大航空公司WestJet在今年夏季遭受网络攻击,导致120万人的个人信息被盗,包括姓名、地址、护照等敏感资料,但密码和信用卡号未受影响。该公司正在与专家合作调查事件,并为受害者提供两年身份监控服务。此次攻击由据称与Scattered Spider犯罪组织有关的黑客实施,该组织近期活跃于航空业,已造成多起类似事件。... 2025-10-1 18:46:12 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media westjet airline scattered spider warned

China-linked hacking group Phantom Taurus targeting embassies, foreign ministries 中国关联的网络间谍组织Phantom Taurus针对非洲、中东和亚洲的外交部、大使馆及电信公司发起攻击，目标是获取与地缘政治和军事行动相关的情报。该组织使用新型恶意软件NET-STAR进行高隐蔽性操作，并通过攻击技术供应商窃取外交通信和国防情报。... 2025-10-1 16:31:1 | 阅读: 17 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media taurus phantom ministries embassies espionage

Seniors targeted in global Facebook scam spreading new Android malware 研究人员发现一个诈骗活动利用Facebook群组吸引老年人参与社交活动，并诱导他们安装安卓恶意软件Datzbro。该软件具备间谍和银行木马功能，可窃取密码和敏感信息。活动起源于澳大利亚，并已扩散至多国。代码中的中文字符串表明开发者可能来自中国。... 2025-10-1 14:1:13 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media datzbro spyware facebook ukraine

North Korea IT worker scheme expanding to more industries, countries outside of US tech sector 朝鲜通过非法IT工人计划扩大全球影响力，利用假身份或盗用文件在多个行业获取工作机会以规避制裁并赚取资金。Okta报告指出该计划已扩展至全球多个国家和行业，包括金融、医疗和政府等，并逐渐转向远程职位以应对美国的威胁意识提升。... 2025-9-30 20:46:0 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media okta north korea korean industries

CISA orders federal gov to patch critical Fortra file transfer bug 美国网络安全机构要求联邦机构修复Fortra GoAnywhere MFT中的关键漏洞CVE-2025-10035。该漏洞评分满分10分，专家担心已被黑客利用。CISA已将其加入已知被利用漏洞列表，并要求于10月20日前修复。... 2025-9-30 17:45:54 | 阅读: 27 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media fortra exploited goanywhere 10035

CPPA fines Tractor Supply Company $1.4 million for privacy violations 加州隐私保护局对Tractor Supply Company处以135万美元罚款，因其违反消费者隐私法，在未提供选择退出数据共享权利、未发布隐私政策、未通知求职者隐私权及未经允许与第三方共享数据等方面存在违规行为。公司同意整改并任命合规官员监督四年。... 2025-9-30 16:45:53 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media tractor cppa agreed applicants california

Cyber information-sharing law and state grants set to go dark as Congress stalls over funding 美国两个关键网络安全项目即将因国会僵局而到期。《网络安全信息共享法案》和《州及地方网络安全拨款计划》将暂停运作，引发两党互相指责。专家警告这将削弱国家网络防御能力。... 2025-9-30 16:30:54 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media security homeland senate nation