Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs
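Ukraine's Computer Emergency Response Team has warned of a new targeted cyberattack campaign that uses a backdoor named CABINETRAT, spread through XLL files disguised as Excel add-ins. The malware is distributed via the Signal app, hidden in documents relating to the detention of people who crossed the border. CABINETRAT can collect system information, execute commands, and upload and download files, and it uses multiple anti-VM and anti-analysis techniques to evade detection. ...
2025-10-1 07:11:19 | Reads: 15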
The Hacker News - thehackernews.com
xll
ukraine
cabinetrat
shellcode
microsoft
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
2025-9-30 18:42:0 | Reads: 16
The Hacker News - thehackernews.com
memory
battering
cloud
spectre
hardware
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
2025-9-30 16:7:0 | Reads: 11
The Hacker News - thehackernews.com
taurus
phantom
espionage
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits
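Three security vulnerabilities (now fixed) were found in the Google Gemini AI assistant, affecting its search personalization model, cloud assistant, and browsing tool respectively. Attackers could exploit these flaws to carry out injection attacks, leading to user privacy leaks and data theft. ...
2025-9-30 13:18:0 | Reads: 16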
The Hacker News - thehackernews.com
gemini
cloud
injection
attackers
security
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
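Microsoft is expanding its Sentinel security platform, adding a data lake, graph capabilities, and an AI model protocol server to help consolidate multi-source data and strengthen threat detection and response. ...
2025-9-30 13:0:0 | Reads: 14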
The Hacker News - thehackernews.com
security
copilot
microsoft
lake
signals
Stop Alert Chaos: Context Is the Key to Effective Incident Response
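Traditional security operations centers (SOCs) face the challenges of alert overload and information chaos. A cognitive SOC uses contextual correlation and AI to turn scattered alerts into meaningful stories, helping analysts identify threats quickly and reduce false positives. This model not only improves efficiency and accuracy but also lets security teams focus on responding to genuine threats and optimizing defensive strategy. ...
2025-9-30 11:30:0 | Reads: 11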
The Hacker News - thehackernews.com
noise
security
signals
contextual
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
2025-9-30 10:57:0 | Reads: 13
The Hacker News - thehackernews.com
cloud
thiebaut
unc5174
windows
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
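Researchers have discovered a new Android banking trojan, Datzbro, that specifically targets elderly people, luring them through social media events into downloading malicious apps. The trojan can remotely control the device, steal passwords and the lock-screen PIN, and uses screen-layout simulation to manipulate the device. Its targets include users in Australia and several other countries, and its developers are suspected to be a Chinese-speaking threat group. ...
2025-9-30 09:20:0 | Reads: 15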
The Hacker News - thehackernews.com
datzbro
facebook
security
download
Evolving Enterprise Defense to Secure the Modern AI Supply Chain
2025-9-30 08:33:0 | Reads: 15
The Hacker News - thehackernews.com
security
wing
governance
exposure
adoption
U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust
2025-9-30 08:23:0 | Reads: 18
The Hacker News - thehackernews.com
criminal
sextortion
romance
suspects
wen
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
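The U.S. cybersecurity agency CISA has added CVE-2025-32463, a critical vulnerability affecting the Sudo utility on Linux systems, to its Known Exploited Vulnerabilities catalog; the flaw allows an attacker to execute arbitrary commands with root privileges. CISA also added four other exploited vulnerabilities and urged the relevant agencies to remediate by October 20. ...
2025-9-30 05:41:0 | Reads: 12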
The Hacker News - thehackernews.com
exploited
security
injection
remote
kev
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
2025-9-29 16:36:0 | Reads: 14
The Hacker News - thehackernews.com
software
security
recipe
evilai
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
2025-9-29 12:36:0 | Reads: 20
The Hacker News - thehackernews.com
malicious
security
microsoft
cloud
The State of AI in the SOC 2025 - Insights from Recent Study
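Security operations centers face surging alert volumes and staffing pressure that traditional models struggle to handle. AI has moved from experiment to essential tool, used for triage, detection, and threat hunting to improve efficiency and reduce fatigue. ...
2025-9-29 11:30:0 | Reads: 20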
The Hacker News - thehackernews.com
security
prophet
leaders
operational
reveals
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
2025-9-29 08:52:0 | Reads: 28
The Hacker News - thehackernews.com
phishing
microsoft
security
payload
stage
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
2025-9-29 08:36:0 | Reads: 15
The Hacker News - thehackernews.com
mcp
library
developer
postmark
malicious
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
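Telecom and manufacturing sectors in Central and South Asia have become targets of a new PlugX variant. The malware combines techniques from the RainyDay and Turian backdoors, uses legitimate applications to load malicious DLLs, and employs specific encryption algorithms. Research shows it is linked to the Lotus Panda and BackdoorDiplomacy groups. ...
2025-9-27 12:6:0 | Reads: 88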
The Hacker News - thehackernews.com
plugx
bookworm
panda
mustang
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
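Phishing attacks impersonating Ukrainian government agencies use malicious SVG files to lure victims into downloading a ZIP archive, deploying CountLoader to drop the Amatera Stealer and PureMiner malware. The attackers use fileless techniques and target Ukrainian government agencies. ...
2025-9-26 16:40:0 | Reads: 20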
The Hacker News - thehackernews.com
stealer
phishing
purerat
pureminer
amatera
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
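The Russian cyber threat group COLDRIVER has launched a new round of ClickFix attacks, using the BAITSWITCH and SIMPLEFIX malware for multi-stage intrusion. Meanwhile, groups such as BO Team and Bearlyfy are also conducting ransomware and cyberattack campaigns against Russian companies. ...
2025-9-26 12:45:0 | Reads: 15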
The Hacker News - thehackernews.com
powershell
simplefix
russia
bearlyfy
clickfix
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
2025-9-26 11:22:0 | Reads: 14
The Hacker News - thehackernews.com
bas
security
dashboards
defenses
crash