Кто-то очень хотел порулить индийским заводом через открытый код.

Обычное сканирование системы в этот раз уже не поможет.

Кто станет новым светилом науки — робот или человек, который его обучает?

Как работает самый дешевый способ раздавать интернет-страницы.

Индустрия расплачивается за невнимательность создателей Nx Console.

Как прошла масштабная операция против мошенников в 13 странах.

Windows Update научится сама откатывать сбойные драйверы без участия пользователя.

Россия, Бразилия и Индия вошли в число стран, наиболее затронутых сталкерским ПО.

Стрелять Patriot по дронам — слишком дорогое удовольствие даже для США.

В новом релизе Битрикс24 добавил Вайбкод, Проекты ИИ, Чекин 2.0 и ИИ-агентов

Полицейские нашли новый способ ловить преступников.

ФБР предупредило американские учебные заведения об угрозе со стороны хакерской группировки ShinyHunters.

Yовый вирус Reaper обходит защиту macOS.

Американские спецы показали новый уровень хранения секретов.

За агрессивной экспансией стояла не случайность, а холодный расчёт.

Реальность такова, что в 90 % случаев причиной успешных пентестов становится скомпрометированная учётная запись.

Важно проверять состояние устройства не только в момент авторизации и аутентификации, но и на протяжении всей сессии.

В третьем опросе зрители поделились, что в защите удалённого доступа на практике вызывает наибольшие сложности (мультивыбор):Сопротивление сотрудников требованиям ИБ — 74 %.

Что в защите удалённого доступа на практике вызывает наибольшие сложности?

ВыводыОбсуждение защиты удалённого доступа в 2026 году показало, что традиционный VPN перестал быть универсальным решением.

В первом случае приложение самостоятельно обращается к системе управления секретами и запрашивает данные в момент выполнения.

Результаты опроса эфира AM Live по использованию систем управления секретамиМировой рынок систем управления жизненным циклом секретовСистемы управления жизненным циклом секретов рассматриваются как часть рынка управления ключами и секретными данными.

Российский рынок систем управления жизненным циклом секретовРынок систем управления секретами в России претерпел существенные изменения после того, как использование версий Vault после 1.14.8 в продуктах с коммерческой выгодой стало невозможным.

StarVaultСистема предназначена для централизованного безопасного управления …

Продолжаем сравнивать российские сервисы защиты от DDoS-атак по их технологическому профилю, гарантиям провайдеров (SLA), условиям технической поддержки, возможностям кастомизации и пр.

ВведениеВ первой части сравнения услуг по защите от DDoS-атак мы рассказали о том, какими функциями, возможностями и особенностями обладают сервисы от российских ИТ-компаний и ИБ-вендоров CURATOR, DDoS-Guard, Kaspersky, NGENIX и StormWall.

Сопоставительная таблица содержит сведения по тем же критериям сравнения, которые использовались при детальном описании услуг CURATOR.ANTIDDOS, DDoS-Guard, Kaspersky DDoS Protection, «NGENIX Защита от DDoS-атак» и «StormWall Защита от DDoS-атак».

В рамках L7-защиты (Web DD…

Место DAST в DevSecOpsМетодика DAST строится на симуляции атак на работающее приложение, позволяющей объективно оценить его устойчивость к реальным рискам.

SAST и SCA эффективны на этапе написания кода, DAST — на этапе тестирования работающего приложения, IAST — для глубокого анализа с контекстом.

Обзор отечественных DAST-решенийНа российском рынке представлено несколько типов DAST-решений, предназначенных для динамического анализа безопасности приложений.

Схема DAST-анализа в Solar appScreenerОсобенности решения:Единая технологическая платформа для комплексного анализа безопасности приложений при помощи модулей SAST, DAST и OSA.

Важно чётко представлять, под какие задачи выбирать тот или и…

Ручное управление добавляет нагрузку на сотрудников: один специалист тратит в среднем 25 минут в день на операции с секретами, что повышает вероятность ошибок и человеческого фактора.

В итоге подобные просчёты в работе с секретами приводят к их компрометации и последующим потерям.

О факте утечки впервые сообщила компания GitGuardian, которая отслеживает GitHub на наличие секретных токенов, учётных данных для баз данных и сертификатов.

В течение этого периода секрет используется для подтверждения личности пользователя и предоставления доступа к ресурсам в рамках заданных прав.

В рамках атаки посредника (AitM) злоумышленник может не только просматривать передаваемые данные, но и модифицироват…

Система опирается только на внешние сигналы, и SOC реагирует уже на поздних стадиях.

Атаки MFA‑fatigue и отсутствие связи между сигналамиВ атаках MFA-fatigue злоумышленники давят на пользователя, а не на защиту.

Как только защита развёрнута только на серверах или только на ноутбуках, появляются зоны, через которые злоумышленники спокойно проникают в сеть и развивают атаку.

SOC тратит время на шум, пропускает критичные события, а EDR/XDR превращаются в панель мониторинга, а не в инструмент обнаружения атак.

Чем выше доля автоматизации, тем меньше нагрузка на SOC и тем быстрее блокируются типовые сценарии.

Исходный код сначала преобразуется во внутреннее представление, после чего применяются алгоритмы анализа и правила поиска уязвимостей.

Деобфускация направлена на устранение механизмов запутывания кода, которые применяются для усложнения анализа и сокрытия реальной функциональности программы.

Российский рынок SASTВ 2025 году проведён цикл испытаний статических анализаторов исходного кода при организационной и методической поддержке ФСТЭК России.

Испытания позволили проверить соответствие инструментов требованиям стандарта ГОСТ Р 71207–2024, а также выявить особенности практического применения средств статического анализа исходного кода.

АИСТ-САИСТ-С — анализатор исходных текстов C и C++-прог…

Системы SOAR (Security Orchestration, Automation and Response) позволяют собирать данные о событиях ИБ из различных источников и обрабатывать их.

Именно к таким средствам относят системы класса «оркестрация, автоматизация и реагирование на инциденты информационной безопасности» (Security Orchestration, Automation, and Response, SOAR).

Решения класса SOARФункции решений SOAR и IRP во многом пересекаются, поэтому ранее их часто относили к единой линейке — SOAR/IRP.

ASoarASoar — это отечественная платформа класса «оркестрация, автоматизация и реагирование на инциденты информационной безопасности» (Security Orchestration, Automation, and Response, SOAR), которая выступает в роли координатора си…

Критерии выбора сервиса (услуги) по защите от DDoSНа рынке услуг защиты от DDoS-атак сейчас нет недостатка ни в предложениях, ни в технологиях.

Методология сравнения услуг по защите от DDoS-атакВ сравнении участвуют российские поставщики услуг по защите веб-приложений, сайтов и сетей от DDoS-атак, имеющие программное обеспечение собственной разработки в реестре Минцифры России.

Характеризует внутреннее устройство услуги: географию точек присутствия, оборудование и ПО в ЦОДах, режимы защиты и т. д.Блок № 4 — «Разновидности защиты».

Результаты анализа применяются для классификации трафика и принятия решений о его блокировке либо дополнительной валидации Технологии машинного обучения и искусст…

Приход эры Agentic AI породил мнение, что ИИ способен потеснить или даже заменить человека.

Например, можно ли использовать единую концепцию ИИ для построения всех ИИ-систем, если уже сейчас выявлено несколько различных типов таких систем?

(International AI Safety Report, 2026)Признаки отличий человека и ИИМы вплотную подошли к главному вопросу: в чём разница между человеком и ИИ?

Доверие человека к ИИ не формируется само по себе.

Приведённый список отличий человека и ИИ ясно показывает, что между ними сохраняется множество принципиальных различий.

Сегодня на отечественном рынке представлен широкий выбор систем управления ключевыми носителями и цифровыми сертификатами.

Основы и назначение систем PKIПод термином инфраструктура открытых ключей (Public Key Infrastructure, PKI) в сфере информационной безопасности понимают совокупность стандартов, ролей, политик и процедур для управления цифровыми сертификатами.

Для этого система управляет полным жизненным циклом цифровых сертификатов: от их генерации и распространения до использования, хранения и своевременного отзыва.

Государственные службы применяют PKI для цифровой идентификации граждан, защиты информационных систем госорганов и обеспечения юридической силы электронных документов в адм…

Там так или иначе поднимается вопрос внедрения ИИ, в том числе практические аспекты.

А на технологических конференциях при анонсе новых продуктов или сервисов всячески подчёркивается, как и где применяется ИИ и как он помогает покупателям и заказчикам внедрять свои решения на его основе.

Завершило мероприятие круглое обсуждение «ИИ не для разговоров, а для задач.

Участники дискуссии «ИИ не для разговоров, а для задач.

Плохо просчитанная экономикаВторой по значимости проблемой при реализации проектов внедрения ИИ в последнее время, когда ИТ-бюджеты снижаются, стала экономика.

Сравнение возможностей человека и ИИ показывает, что классическое образование не только сохранится, но и обеспечит технологический суверенитет.

«Мы видим свою миссию в развитии ИБ в целом, в развитии экосистемы сетевого доверия и продвижении подходов ИБ», — заявил руководитель UserGate.

Но как это соотносится с возможными изменениями в образовательном процессе с приходом эры агентных ИИ (Agentic AI)?

Другие считают, что произойдёт сдвиг в наборе востребованных навыков, но в целом это будет не революционный, а линейный процесс развития.

Самое важное — такой подход не только остаётся базовым, но и его роль будет возрастать по мере развития Agentic AI.

Пентестер скептически смотрит на подозрительно открытый FTP с anonymous-входом и на файл passwords.txt посреди десктопа.

Как использовать LLM для разведки, как встроить агента в киллчейн, как ускорить bug bounty, как сделать SAST умнее.

Зеркальный вопрос, как этого AI-пентестера ловят и что с ним делают, когда поймают, почти не звучит.

Он ходит по сети с настроем «всё, что выглядит как добыча, является добычей», и это не проблема конкретного фреймворка.

Это архитектурное свойство AI-агентов: они не различают данные и инструкции в своём контекстном окне, и не различают правдоподобную ловушку от правдоподобной цели .

Если бы мы так не сделали, то окно терминала зависло бы, и пользоваться терминалом мы бы не смогли.

Допустим, у нас есть доступ к internal-web.int, и на нём располагается веб-страница, доступная только через петлевой интерфейс.

Пытаясь с этим справиться, обнаруживаем, что vuln-server.int доступен как с campfire.int, так и с internal-web.int.

Если бы мы так не сделали, то окно терминала зависло бы, и пользоваться терминалом мы бы не смогли.

Это удобно при работе как с пользовательскими, так и с сервисными аккаунтами.

За пару месяцев до этого как раз вступили в силу новые "дорогие" штрафы за масштабные утечки (так называемые "оборотные штрафы за утечки", хотя они не оборотные на самом деле).

Итак, у четырех компаний Ориона утекли данные от 10 до 100 тысяч субъектов, у одной - от 1 тысячи до 10 тысяч субъектов и еще у одной - менее тысячи субъектов.

У одной из компаний утекли данные более 4 тысяч пользователей, у другой - более 36 тысяч.

Это тем более дико выглядит на фоне штрафов в 60 - 150 тысяч, которые назначаются за незаконное использование персональных данных одного человека.

Одно маркетинговое письмо, отправленное без согласия на рассылки, обходится дороже, чем утечка данных десятков тысяч пользова…

В этой статье речь пойдет о том, как понять и защитить рабочие процессы в GitHub Actions: от модели угроз до механизмов контроля безопасности.

Вторая часть будет посвящена формирующемуся ландшафту угроз, связанных с actions на базе ИИ.

Модель угроз для GitHub ActionsGitHub Actions выполняет код в ответ на события в репозитории.

pull_request_target и другие опасные триггерыСамый критичный и при этом часто неправильно понимаемый риск CI/CD — ошибка конфигурации pull_request_target в GitHub Actions.

Другие опасные триггерыpull_request_target — самый обсуждаемый опасный триггер, и это заслуженно, учитывая его внутреннюю связь с кодом, который он запускает и с которым взаимодействует.

А через сбой в работе бита потенциальный злоумышленник может получить доступ к более высоким привилегиям в памяти, откуда скомпрометирует процессор.

В отличие от классической Rowhammer на CPU, где атакующий «долбит» две строки памяти в надежде перевернуть бит в соседней строке, в GPUHammer три действия.

Во-первых, исследователи провели обратный инжиниринг проприетарного драйвера NVIDIA и выявили функцию, раскрывающую физическое отображение виртуальной памяти на банки GDDR6.

Но достижение не в самом количестве, а в том, что с ним атака из игры в рулетку становится инженерной задачей с предсказуемым результатом.

Для этого в таблицах страниц GPU существуют специальные записи, которые указывают…

В сети появился zero-day эксплойт, позволяющий любому человеку с физическим доступом к системе Windows 11 обойти стандартные настройки BitLocker и получить полный доступ к зашифрованному диску за считанные секунды.

Он надёжно обходит стандартные конфигурации BitLocker в Windows 11 — полнотомное шифрование диска, которое Microsoft предоставляет для защиты содержимого от любого, кто не обладает ключом дешифрования.

Попасть в среду восстановления Windows (Windows Recovery Environment, WinRE).

Дорманн также обратил внимание, что в коде Windows-библиотеки fstx.dll явно присутствует поиск пути \\System Volume Information\\FsTx в функции FsTxFindSessions() .

Использовать PIN-код для BitLocker (есл…

В комментариях меня спросили о иных инструментах и методах проверки в связи с чем, мы вышли к ключевому вопросу: почему, если основная LLM защищена, кастомные боты на ее основе остаются уязвимыми?

Но production-бот, построенный поверх модели, добавляет новый attack surface: system prompts, память диалога, RAG, tools, webhook-логику и внешние API.

Исследования охватывают Custom GPTs, однако те же attack surface — system prompt, RAG, webhook-логика — присутствуют в любом production LLM-боте, включая Telegram.

Но для сложных production-ботов с webhook-интеграциями, состоянием диалога и бизнес-логикой его приходится сильно менять.

Существующие инструменты ориентированы либо на model probing, ли…

Данная тревожная тенденция полностью сохраняется и в текущем 2026 году.

Атакованные секторы промышленности в России (2024–2025)За рассматриваемый период в российском производственном секторе была зафиксирована активность 55 профессиональных киберпреступных группировок (APT-групп и хактивистов).

Применение систем HCC (контроль узлов и парольных политик), NCC (безопасность сети и сегментация) и UCC (защита учетных записей и предотвращение их компрометации).

Обнаружение аномалий: Поиск в режиме реального времени признаков компрометации, сетевых туннелей, слабых паролей и атак на Windows/Linux.

Смещение фокуса атак с банального шифрования ради выкупа на скрытный долгосрочный шпионаж требует от …

Зачем DoH вообще на роутере, а не на устройствеМожно поставить DoH-клиент на ноут и считать, что готово.

Не «не может расшифровать», а буквально не видит: наружу уходит TLS-поток на 443-й порт к резолверу.

Это не теория: я ловил MITM на DNS в одном азиатском отеле в 2023-м, где paypal.com резолвился во что-то очень не похожее на PayPal.

Asuswrt-Merlin это кастомная прошивка от энтузиаста, которая совместима с большинством Asus RT-AX и старше, и в ней уже есть встроенный dnscrypt-proxy (он умеет и DNSCrypt, и DoH).

На OpenWRT — прозрачно, на Mikrotik с RouterOS 7 — удобно, на Asus с Merlin — терпимо.

В этой статье детально разберем «анатомию» Kerberos в среде Linux и покажем, как заставить этот протокол эффективно работать на стыке системного администрирования и веб-разработки.

Иллюстрация процесса аутентификации по протоколу KerberosЕсли рассматривать реализацию Kerberos в ALD Pro (FreeIPA), то компоненты Kerberos KDC/Kadmin реализованы с использованием программного обеспечения MIT Kerberos.

Чтобы описанный выше механизм работал в реальной сети, системе нужно понимать, кому именно выдается билет и в рамках какой юрисдикции он действует.

Значение KEYRING говорит о том, что билеты хранятся в защищенной области памяти ядра, а не в файле в /tmp.

Если на сервере не установлены пакеты libkrb…

Однако CA не лечит и не ставит пломбы, но честно показывает, кто уже поселился в вашей сети и как давно.

Если говорить прямо, CA собирает артефакты и ищет следы присутствия — те, что не видят, например, EDR и SIEM.

Не перезагружайте подозрительные системы, не переустанавливайте их и не запускайте «еще один антивирус» в надежде быстро почистить инфраструктуру.

И не подменяйте утилиты, которые дает команда CA, на «похожие из интернета» — это ломает сбор данных и сбивает расследование.

Если же Compromise Assessment не выявил следов компрометации — да, он показывает, что пока все хорошо, но это не повод расслабляться.

Главная ошибка современной дискуссииСегодня в индустрии всё чаще формируется ошибочное противопоставление:либо governance и ISO/IEC 27001,либо ATT&CK и operational security.

ATT&CK не отвечает:кто владелец риска;как проводится management review;каким образом организован внутренний аудит;как управляются поставщики;как реализуется supplier security;каким образом обеспечивается forensic readiness.

Но отсутствие governance приводит к тому, что operational security превращается в набор разрозненных технических инициатив.

В результате расследование превращается не в reconstruction attack chain, а в попытку восстановить события по фрагментам артефактов.

ATT&CK не является системой защитыВ последни…

Ключ восстановления не запрашивается.

Почему среда восстановления доверяет сторонним носителямАрхитектура предзагрузочного окружения создавалась для диагностики и восстановления после сбоев.

Журналы CLFS и механизмы транзакций проектировались для согласования состояния разделов, а не для изоляции от физического вмешательства.

Администраторы применяют параметр DisableWinRE в реестре или через конфигурацию загрузчика.

Администраторам следует помнить, что ни одна программная защита не заменит физического контроля и чётких процедур обращения с оборудованием.

Уязвимости снабжены демонстрационным кодом, который вполне возможно применить для реальных атак, — и это при отсутствии патча от производителя.

Известно, что эксплойт работает только в отношении Windows 11 и только для систем с дефолтными настройками шифрования, при которых ключи хранятся в модуле TPM.

В отличие от YellowKey, в данном случае предложенный анонимом Nightmare Eclipse эксплойт является неполным — автор комментирует это в стиле «кто надо, сам догадается, как докрутить».

Наконец, 17 мая был опубликован эксплойт MiniPlasma (новость на BleepingComputer и на Хабре) — он эксплуатирует еще одну уязвимость в Windows (точнее, в компоненте cldflt.sys) и также обеспечивает повышение приви…

После критики со стороны ИБ-исследователей разработчики Microsoft решили изменить поведение браузера Edge, которое компания изначально называла «особенностью работы приложения».

Теперь браузер не будет загружать все сохраненные пароли в память при запуске.

Позднее в Microsoft подтвердили эту позицию и сообщили журналистам издания BleepingComputer, что обнаруженное Реннингом поведение браузера является ожидаемым.

Руководитель направления безопасности Microsoft Edge Гарет Эванс (Gareth Evans) сообщил, что будущие версии браузера перестанут автоматически загружать сохраненные пароли в память при старте.

Исправление уже доступно в Edge Canary, и в ближайшем будущем оно распространится на все по…

Критическая уязвимость CVE-2026-42945 в NGINX, получившая название NGINX Rift, уже используется в реальных атаках.

Напомним, что проблема представляет собой переполнение буфера хипа в модуле ngx_http_rewrite_module и затрагивает как NGINX Open Source, так и NGINX Plus.

В результате специальный флаг не передается должным образом, и NGINX начинает записывать пользовательские данные за пределы выделенной области памяти.

В конфигурации по умолчанию эксплуатация проблемы обычно приводит лишь к сбою в работе worker-процесса и перезапуску сервера, то есть к DoS-атаке.

Напомним, что разработчики F5 уже выпустили исправления в версиях NGINX Open Source 1.31.0 и 1.30.1, а также в NGINX Plus R36 P4 и …

Из это­го гай­да ты узна­ешь, как пен­тесте­ры под­делыва­ют зап­росы для обхо­да аутен­тифика­ции, под­бира­ют пароли и находят дру­гие уяз­вимос­ти с помощью Burp.

Либо о том, что ты хочешь под­готовить­ся к сер­тифика­ции Burp Suite Certified Practitioner.

com/ juice-shop/ juice-shop.

Клю­чевое в Burp — перех­ват зап­росов/отве­тов и их модифи­кация.

До пер­вых зап­росов кноп­ку Open browser можешь най­ти и на вклад­ке Target, пос­ле чего она про­падет.

ИБ-исследователь Джастин О'Лири (Justin O'Leary) заявил, что разработчики Microsoft незаметно устранили критическую уязвимость в Azure Backup for AKS, но при этом отказались признавать проблему и не стали присваивать ей идентификатор CVE.

По словам эксперта, проблема затрагивала Azure Backup for AKS — сервис резервного копирования для Kubernetes-кластеров в Azure.

Однако 13 апреля в Microsoft Security Response Center (MSRC) отклонили отчет.

В компании заявили, что речь идет о ситуации, где атакующий «уже имел административный доступ к окружению», а значит, проблема не является уязвимостью.

При этом официально в Microsoft продолжают отрицать наличие бага.

Представители Mozilla раскритиковали британские власти за попытки запретить VPN в рамках закона Online Safety Act.

В Mozilla напомнили, что VPN — это не «инструмент для обхода запретов подростками», а базовая часть современной интернет-безопасности.

«VPN являются критически важным инструментом для обеспечения приватности и безопасности пользователей всех возрастов», — заявила менеджер Mozilla по вопросам публичной политики Свеа Виндвер (Svea Windwehr).

В свою очередь представители Mozilla утверждают, что VPN вообще не являются главным способом обхода ограничений.

В частности, разработчики Mozilla уже тестируют встроенный в Firefox VPN, и похожие функции постепенно появляются и в других брау…

Хакеры получили доступ к GitHub-инфраструктуре Grafana Labs с помощью похищенного токена и украли исходные коды компании.

Подчеркивается, что после обнаружения инцидента в компании нашли источник утечки учетных данных, отозвали украденные секреты и внедрили дополнительные меры защиты.

Неизвестно и то, сколько времени злоумышленники провели внутри инфраструктуры компании и какие именно исходники были похищены.

По словам исследователей, хакеры активно используют социальную инженерию, фишинг и украденные учетные данные для получения первоначального доступа.

При этом после публикации материалов о взломе представители ShinyHunters поспешили заявить журналистам, что не имеют отношения к CoinbaseC…

Большинство программ Security Awareness застревают на уровне формального комплаенса, не принося реальной пользы бизнесу и не делая инфраструктуру по-настоящему безопасной.

Однако, согласно признанным международным стандартам (например, SANS Security Awareness Maturity Model), формирование осведомленности — это сложнейший эволюционный процесс.

Именно для того, чтобы помочь специалистам освоить методологию построения таких систем, был создан образовательный курс Inseca Security Awareness.

Внедрение процесса Security Awareness в организации: оцениваем текущий уровень зрелости (сегментация аудитории, сбор данных от средств защиты информации), строим дорожную карту мероприятий.

Авторами выступаю…

Специалисты Microsoft предупредили об атаках на новую zero-day уязвимость в Exchange Server, получившую идентификатор CVE-2026-42897.

В компании подчеркивают, что уязвимость уже используется в реальных атаках, хотя никаких технических деталей об этих инцидентах пока не раскрывается.

При этом в Microsoft отдельно предупреждают, что временные исправления могут вызывать побочные эффекты.

Для изолированных сред компания советует использовать Exchange On-premises Mitigation Tool (EOMT) и вручную применять защиту через Exchange Management Shell.

Полноценные патчи для Exchange SE RTM, Exchange 2016 CU23 и Exchange 2019 CU14/CU15 разработчики обещают выпустить позже.

ИБ-исследователи из компании Cyera раскрыли сразу четыре уязвимости в OpenClaw, которые можно объединить в полноценную цепочку атаки, названную Claw Chain.

По словам специалистов, баги позволяют атакующему закрепиться в системе, похитить конфиденциальные данные и получить устойчивый контроль над зараженной машиной.

Дело в том, что OpenClaw доверял клиентскому флагу senderIsOwner, который определял, имеет ли пользователь доступ к инструментам, предназначенным только для владельца.

Заголовок senderIsOwner больше не используется и не учитывается.

Все четыре уязвимости были исправлены в OpenClaw 2026.4.22, и пользователям рекомендуют установить обновление как можно скорее.

Справка: сканирование портовСка­ниро­вание пор­тов — стан­дар­тный пер­вый шаг при любой ата­ке.

На осно­ве этой информа­ции он выбира­ет сле­дующий шаг к получе­нию точ­ки вхо­да.

Улуч­шить резуль­таты его работы ты можешь при помощи такого скрип­та:#!/ bin/ bash ports = $( nmap -p- --min-rate = 500 $1 | grep ^[ 0- 9] | cut -d '/ ' -f 1 | tr ' ' ', ' | sed s/, $/ / ) nmap -p $ports -A $1Он дей­ству­ет в два эта­па.

На пер­вом выпол­няет­ся обыч­ное быс­трое ска­ниро­вание, на вто­ром — более тща­тель­ное, с исполь­зовани­ем встро­енных скрип­тов (опция -A ).

Под­робнее про работу с Nmap читай в статье «Nmap с самого начала.

Группировка Leek Likho (она же SkyCloak и Vortex Werewolf) продолжает атаковать российские организации и все активнее использует ИИ в своих операциях.

Исследователи обнаружили там переименованные компоненты Tor и OpenSSH: datagrip.exe на самом деле оказался Tor-клиентом, messenger.exe — sshd.exe, а reaper.exe — sftp.exe.

После этого в системе создаются скрытые задачи планировщика Windows для закрепления доступа, и запускается Tor с SSH-туннелями.

По мнению специалистов, такие особенности указывают на генерацию скриптов с помощью LLM.

Еще одна особенность изученной исследователями кампании — использование Tor с транспортом obfs4 и SSH-туннелей для сокрытия сетевой активности.

Линус Торвальдс (Linus Torvalds) раскритиковал поток сгенерированных ИИ баг-репортов, который, по его словам, делает рассылку, посвященную вопросам безопасности ядра Linux, «практически неуправляемой».

Проблема, как считает Торвальдс, заключается не в самих ИИ-инструментах, а в том, как именно их используют исследователи.

По его словам, разработчики тратят время не на исправление багов, а на бесконечную сортировку одинаковых сообщений.

При этом сам Торвальдс не выступает против использования ИИ в ИБ-исследованиях.

Наоборот, он считает такие инструменты полезными, если они действительно помогают разработчикам, а не создают лишнюю нагрузку.

Причем речь идет не о новом баге: как утверждает Chaotic Eclipse, Microsoft так и не устранила уязвимость, о которой еще в сентябре 2020 года сообщал эксперт Google Project Zero Джеймс Форшоу (James Forshaw).

Тогда проблема получила идентификатор CVE-2020-17103, и в декабре 2020 года представители Microsoft заявили, что выпустили исправление.

Однако теперь исследователь утверждает, что баг все еще работает без каких-либо изменений в оригинальном PoC-коде.

Правда, по его словам, эксплоит не срабатывает в последних Insider Canary-сборках Windows 11, что может говорить о скрытом исправлении проблемы в тестовых версиях ОС.

Ранее в Microsoft сообщали журналистам, что придерживаются принципа скоо…

Второй ежеквартальный номер «Хакера» уже передан в типографию.

Так как тираж ограничен, и допечатки мы не планируем, свободных экземпляров становится все меньше.

Поэтому если ты еще не оформил заказ — сейчас самое время.

Ежеквартальный «Хакер» — глянцевое издание объемом 240 полос (вдвое больше журналов образца 2015 года), которое выходит четыре раза в год.

Во втором ежеквартальном выпуске тебя ждут практические статьи, хардкорные разборы и материалы, которые хочется сохранить на полке, а не потерять в браузерных вкладках.

В Android 17 появится система, которая сможет распознавать поддельные звонки якобы «из банка» и автоматически разрывать соединение.

Так, если на устройство поступает звонок, который выглядит как вызов от банка, Android проверит его через установленное банковское приложение.

Хотя нововведение дебютирует вместе с Android 17, впоследствии в Google обещают распространить его и на более старые устройства под управлением Android 11 и новее.

В частности, в Android запретят доступ к API Accessibility Services для приложений, которые не обозначены как инструменты для помощи людям с ограниченными возможностями, отключат device-to-device unlocking и поддержку WebGPU в Chrome, а в уведомлениях чатов по…

Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users.

"These apps trigger malvertising campaigns that coerce users into downloading additional threat actor-owned apps.

The secondary apps launch hidden WebViews, load threat actor-owned HTML5 domains, and request ads."

At the peak of the operation, Trapdoor accounted for 659 million bid requests a day, with Android apps linked to the scheme downloaded more than 24 million times.

Following responsible disclosure, Google has taken steps to remove all identified malicious apps from the Google Play Store, effectively neutralizing the operation.

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE).

DirtyDecrypt impacts only distributions with CONFIG_RXGK enabled, such as Fedora, Arch Linux, and openSUSE Tumbleweed.

Copy Fail, a local privilege escalation flaw in the AF_ALG cryptographic socket interface, was disclosed by researchers at Theori on April 29, 2026.

"The work is n-day weaponization from a public upstream commit, which is standard practice once a security-relevant fix lands in a public tree."

"If we push a fix and upstream decides not to address it, the next upstream kernel release will supersede our patche…

The attack succeeded because the OAuth consent screen has become an instinctive click, and the controls built to stop credential phishing do not look at the consent layer.

Security researchers call the resulting condition consent phishing or OAuth grant abuse.

The MCP install, the OAuth consent click, and the browser-extension grant: each is a bridge issued at the speed of a single click.

What to CheckClosing this gap calls for treating OAuth consent the same way the security program already treats authentication.

The bridges live in a graph no individual application owns, and they are created at the speed of an MCP install or an OAuth consent click.

Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC.

Reserve time on May 20 during the release window to determine whether your sites are affected and in need of an immediate update.

Ahead of the planned update window -Sites on Drupal 11.1 or 11.0 should update to at least Drupal 11.1.9.

"However, they may help mitigate the vulnerability for sites still on these old major versions until they upgrade to a supported release," Drupal said.

"We strongly recommend Drupal 8 or 9 sites update to at least Drupal 10.6 soon.

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance.

(CVSS score: 10.0) - A path traversal vulnerability in the SeppMail User Web Interface's large file transfer (LFT) feature that could enable arbitrary file write, resulting in remote code execution.

CVE-2026-44126 (CVSS score: 9.2) - A deserialization of untrusted data vulnerability that allows unauthenticated remote attackers to execute code via a crafted serialized object.

(CVSS score: 9.2) - A deserialization of untrusted data…

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace.

The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains.

The VS Code extension has more than 2.2 million installations.

In August 2025, several npm packages were infected by a credential stealer as part of a supply chain attack campaign named s1ngularity.

Unlike the previous iteration, the latest attack targets the VS Code extension.

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server.

"Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action's normal commit history," StepSecurity researcher Varun Sharma said.

"That commit contains malicious code that exfiltrates credentials from CI/CD pipelines that run the action."

The imposter commit, per the cybersecurity company, contains code that, upon being executed within a GitHub Actions runner, performs a series of act…

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave.

The application security company said the tradecraft matches Mini Shai-Hulud, where a compromised maintainer account is leveraged to push out trojanized versions in quick succession.

The attacker is said to have published 639 malicious versions across 323 unique packages, including 558 versions across 279 unique @antv packages.

The stealer is identical to the Mini Shai-Hulud payload used in the SAP compromise.

The self-replicating Mini Shai-Hulud campaign is assessed to be the…

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects.

"The operation focused on neutralizing phishing and malware threats, as well as tackling cyber scams that inflict severe cost to the region," INTERPOL said in a statement.

"In addition to the arrests made, 3,867 victims were identified, and 53 servers were seized."

Elsewhere, Moroccan officials seized computers, smartphones, and external hard drives that contained banking data and software used for phishing operations.

Countries that took part in Operation Ramz included Algeria, Bahrain, Egypt, Iraq, Jo…

Supply chain attacks have become an increasingly serious concern because of the sheer scale at which trusted dependencies are reused.

The incident highlights how public AI model registries are emerging as a new software supply chain risk for enterprises, emphasizing why AI model supply chain security needs the same level of rigor as software supply chain security.

The incident highlights how public AI model registries are emerging as a new software supply chain risk for enterprises, emphasizing why AI model supply chain security needs the same level of rigor as software supply chain security.

"Because AI systems are software systems, these recommendations should be considered in addition to…

Increases operational exposure: The longer phishing activity stays unclear, the greater the chance of account abuse, remote access, or business disruption.

Check recent phishing attack with fake invitationPhishing attack exposed inside ANY.RUN sandboxA recent ANY.RUN investigation shows why this matters.

38 seconds needed to analyze the full attack chain of complicated phishing attack inside ANY.RUN’s sandboxAfter the sandbox exposes the full attack path, leadership gets what phishing investigations often lack: early proof of business exposure.

For CISOs, this is where phishing intelligence becomes operational control.

Turn Early Phishing Detection into Measurable SOC ImpactEarly phishing d…

That pattern should change how security teams think about the software supply chain.

Developer workstations are a real part of the software supply chain.

Treating them as 'just' ordinary endpoints leaves gaps among endpoint security, identity security, application security, and supply chain governance.

Treat The Workstation As A Local Supply Chain BoundaryThe modern software supply chain does not start when code is pushed.

It is time to treat the developer workstation as a local supply chain boundary.

Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.

Patches have also been released by Broadcom for a high-severity flaw in VMware Fusion (CVE-2026-41702, CVSS score: 7.8) that could pave the way for local privilege escalation.

(Fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1) CVE-2026-44791 (CVSS score: 9.4) - A bypass for CVE-2026-42232 that could result in remote code execution on the n8n host.

(Fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1)(CVSS score: 9.4) - A bypass for CVE-2026-42232 that could result in remote code execution on the n8n host.

(Fixed in…

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP.

Interestingly, the malicious payloads embedded into the four npm packages are different, despite them being published by the same npm user, "deadcode09284814."

Of the three packages, the "chalk-tempalte" package contains a clone of the Shai-Hulud worm released by TeamPCP.

The other two npm packages, "@deadcode09284814/axios-util" and "color-style-utils," carry a more straightforward functionality that siphons SSH keys, environment variables, cloud credentials, system information, IP address, and cryptocurrency wallet…

The truth is that geopolitical tension and conflict offers potentially rich pickings for opportunistic online scammers.

The backdrop of geopolitical turmoil, whether it’s Ukraine or Iran, adds weight to the stories they spin in order to achieve their goals.

Whatever tactics they choose, the end goal is usually the same: to harvest your credentials and/or personal and financial data.

They’re tried and tested and could come via email, text, social media or phone call.

Scammers know this and will create their own fake charities – or impersonate legitimate ones – to collect donations.

Every 10 minutes, the compromised computer’s fingerprint is sent to the C&C server via an HTTP POST request to https://book-happy.needbinding[.]icu/employment/documents-and-resources.

If the C&C server response content is larger than 100 bytes, the received data is executed using the eval method.

]icu N/A 2026‑03‑10 Cobalt Strike C&C server.

]icu N/A 2026‑04‑14 PicassoLoader C&C server.

]buzz N/A 2026‑04‑14 Cobalt Strike C&C server.

Smart glasses allow anyone to track and record the world around them.

So we probably shouldn’t be surprised that smart glasses are doing the rounds once more, after a failed attempt by Google to popularize them over a decade ago.

This presents significant security and privacy risks for both smart glasses users and the people they interact with.

Smart glasses give anyone the ability to record or take photos of strangers surreptitiously.

It might put you in physical danger if you lose track of your surroundingsFor bystanders:Keep your eyes peeled for anyone wearing smart glasses.

We identified and reported 28 CallPhantom apps on Google Play, cumulatively downloaded more than 7.3 million times.

The table in the Analyzed CallPhantom apps section lists each app along with its key details, including the download count.

Examples of CallPhantom initial screensCampaign overviewThe CallPhantom apps we found on Google Play mainly targeted Android users in India and the broader Asia‑Pacific region.

No data generation occurs until after payment; users have to pay or subscribe before any email would supposedly be sent.

For these third-party payment apps, CallPhantom apps either included hardcoded URLs or fetched the URLs dynamically from a Firebase realtime database, meaning th…

The most-used password globally is exactly what you think it is: ‘123456.’ That’s according to NordPass’s latest annual report on passwords exposed in data breaches globally.

NordPass’s data suggests that there are many more sites that set limited password policies and allow trivial passwords like ‘123456’.

However, I think there may also be elements of legacy in the method used to calculate the most common passwords.

Breaking the cycleNow, how do we resolve this never-ending loop of negativity about passwords, along with the ridiculous situation that platforms still permit non-secure passwords?

There is a simple and effective way to resolve it: mandate complex passwords or, better yet, MFA.

In this blogpost, we provide an overview of the attack, and the first public analysis of the Android backdoor.

sqgame is a gaming platform tailored for the people of Yanbian and hosts traditional Yanbian games for Windows, Android, and iOS.

Android BirdCall analysisIn this section, we provide a technical analysis of the Android BirdCall backdoor – an Android port of the eponymous Windows backdoor written in C++.

Trojanized Android gamesAndroid BirdCall is distributed via trojanized Android games.

During our research, we observed 12 Zoho WorkDrive drives used by the Android BirdCall backdoor for C&C purposes.

Tony also offers insights that the they may hold for your own cyber-defenses.

Iranian-linked hackers are targeting Rockwell programmable logic controllers (PLCs), with almost 4,000 such devices exposed on the networks of U.S. critical infrastructure organizations, according to a warning from multiple U.S. federal agencies.

How can critical infrastructure organizations using Rockwell PLCs stay safe?

How do the FBI's figures compare to those from 2024 and what was the most damaging scam to affect businesses last year?

Learn this and more from Tony's video and be sure to check out the March 2026 edition of Tony's monthly security news roundup for more insights.

Calm feels like evidence that the danger has passed, which changes behavior in ways that reintroduce the danger.

Yet more trapsThe formal state of an organization’s security is easy to measure and – assuming all turns out well – also easy to feel good about.

When the confidence shattersThis all matters also because a ransomware intrusion is a business continuity event whose effects extend far and wide.

Discipline is everythingIn addition to the right tools and people, security that holds up over time rests on the habit of watching and adapting.

It’s what security tools can ‘convert’ into detections and alerts that let security teams act in time.

GopherWhisper abuses legitimate services, notably Discord, Slack, Microsoft 365 Outlook, and file.io for command and control (C&C) communication and exfiltration.

GopherWhisper leverages Discord, Slack, Microsoft 365 Outlook, and file.io for C&C communications and exfiltration.

The malware we initially discovered consists of the following:JabGopher: an injector that executes the LaxGopher backdoor disguised as whisper.dll .

GopherWhisper toolset overviewRevealing messagesAs mentioned in the introduction, GopherWhisper is characterized by the extensive use of legitimate services such as Slack, Discord, and Outlook for C&C communication.

In addition, several interesting links to GitHub reposi…

Additionally, the code can also capture the victim’s payment card PIN and exfiltrate it to the operators’ C&C server.

Apart from relaying NFC data, the malicious code also steals payment card PINs.

The first NGate attacks employed the open-source NFCGate tool to facilitate the transfer of NFC data.

Once installed, the app asks to be set as the default payment app, which can be seen in Figure 10.

Initial request to set the app as the default NFC payment appFigure 11.

Collectively, they pave the way for the intrusion long before the ransom note arrives.

ESET’s detection data shows ransomware rising by 13 percent in the second half of 2025 compared to the prior six months, following a 30-percent increase in the first half of 2025.

Meanwhile, Verizon’s 2025 Data Breach Investigations Report (DBIR) recorded a jump from 32% to 44% in the share of breaches involving ransomware, while the median ransom payment fell from $150,000 to $115,000.

As the products have improved, criminals responded by building a clandestine market for tools designed to disable them.

The sheer investment in EDR killers is, somewhat perversely, the clearest measure of how much damage t…

Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse.

What do fake breach notification scams look like?

Either:The scammers wait for a real breach, and piggyback on the news to send out a fake notification.

Spotting the red flagsFake breach notifications should be easy to spot if you know what to look out for.

Staying safeUnderstanding what to look out for is the first step to staying safe from breach notification scams.

This seems extremely low given the scale and frequency of supply chain incidents – and how broadly ‘supply chain’ really stretches.

Notably, 3CX itself was the downstream victim of another supply chain attack, courtesy of a compromised Trading Technologies X_TRADER installer.

CISOs rated supply chain disruption #2 for 2025 and #2 again for 2026, while CEOs rate supply chain disruption #3 for 2025.

Talk about a supply chain blind spot…What are key considerations around geopolitical supply chain risk?

Resilience is imperativeIn a world of escalating threats and risky interdependencies, supply chain cyber resilience is a competitive differentiator at the survival level.

If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse.

Online scammers only care about one thing: making money, so when new opportunities arise to do just that, they take them.

Recovery fraud is an umbrella for several predatory tactics, all sharing a common goal: the “second strike.”How does recovery fraud work?

This is basically a kind of advance fee fraud.

If you’ve been victimized by recovery scammers, there are a limited set of options available to you.

Threat actors are using AI to supercharge tried-and-tested TTPs.

The former are using AI, automation and a range of techniques to sometimes devastating effect.

But n the other hand, threat actors are just doing what they have done before – supercharging existing tactics, techniques and procedures (TTPs) to accelerate attacks.

Threat actors are:Getting better at stealing/cracking/phishing legitimate credentials from your employees.

Catching threat actors at this point is essential – especially as exfiltration (when it begins) is also being accelerated by AI.

A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered.

PawsRunner decrypts a download URL using RC4, then tries multiple network APIs to fetch a PNG image.

(In a previous campaign flagged by Swiss Post Cybersecurity, the PNG image was retrieved from archive.org.)

It then extracts an encrypted payload hidden withing the image (PNG) file using steganography markers, and bypasses Event Tracing for Windows and Windows 11 security features.

“This version of PureLogs uses extensive async/await patterns to improve task efficiency and complicate analysis.

The extension of Selector’s AI-driven observability approach into multi-cloud environments enables organizations to correlate signals across the full hybrid path.

While the hybrid path has become mission-critical, correlation across that path was never built into monitoring architecture.

Unlike tools that treat cloud and network observability as separate domains, the Selector solution is built around the end-to-end operational path.

The new capabilities include:Unified multi-cloud data ingestion: Selector ingests and harmonizes data from public cloud, private cloud, and on-prem data center environments, providing unified visibility across cloud and hybrid deployments.

Selector ingests and h…

LaunchDarkly has launched AgentControl, a new solution that gives software teams real-time control over AI agents in production.

As AI agents move into production, engineering teams need new ways to manage configuration, quality, and runtime behavior.

Unlike traditional code, agent behavior may vary across models, prompts, and production contexts, even when application code remains unchanged.

“LaunchDarkly has always been about giving software teams control at runtime over what their software does in production,” said Cameron Etezadi, CTO of LaunchDarkly.

As more AI-powered products and agentic capabilities reach production, runtime control becomes essential infrastructure alongside the dev…

Canonical released Ubuntu Core 26, the latest long-term supported version of its minimal, immutable operating system, with security maintenance lasting up to 15 years.

Every component on a Core system ships as a sandboxed, cryptographically signed snap, producing a measured boot chain in which only verified software runs.

Ubuntu Core 26 introduces an improved snap-delta format that cuts update sizes by 50% to 90% for most snaps.

Livepatch, Canonical’s rebootless kernel patching service, now covers ARM64 starting with Ubuntu Core 26 and is officially supported on AMD64 across all releases from Ubuntu Core 20 onwards.

A gpu-2604 interface brings graphics acceleration to Core 26 applications t…

A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found.

The payload may be hosted on a typo-squatted Microsoft domain, executed under the guise of an Apple security update, and persist from a fake Google Software Update directory,” researchers explained.

Fake installer pages collect victim dataThe attack starts with fake WeChat and Miro installer websites hosted on typo-squatted domains designed to deceive users, including mlcrosoft[.]co[.]com.

This version also adds a F…

Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default.

End-to-end encryption allows only participants in a call to access its content, while Discord does not have access to media encryption keys.

Support for DAVE became required for Discord calls on March 1, 2026.

Calls require DAVE support for clients and apps, establishing DAVE as the standard for Discord voice and video calls.

Clients and applications without DAVE support cannot participate in supported voice and video sessions.

As part of the Babel Street Insights platform, Investigator represents a shift from search and AI-assisted queries to analyst-directed, AI-executed investigations.

Investigator puts Babel Street’s agentic-ready, mission-curated data estate to work across 200-plus languages and the formats adversaries actually use.

Analyst-directed AI agents: Analysts define the objective, review the plan, and retain control over scope, logic, and outcomes.

Investigator agents are trained in Babel Street’s tradecraft, mission expertise, and investigative workflows to execute multi-step investigations, not simply return AI-generated answers.

Investigator agents are trained in Babel Street’s tradecraft, missio…

iProov has launched iProov Verified Meetings, a new solution that enables organizations to verify the identity of video call participants without adding friction to the user experience.

Video meetings have become a trusted and scalable communication channel, but attackers are increasingly exploiting them through AI-generated deepfake and injection attacks, creating new fraud risks.

Verified Meetings addresses these threats by helping organizations confirm participant identities before meetings begin.

iProov Verified Meetings provides that capability, enabling organizations to authenticate that participants are real people using real cameras while protecting the integrity of critical interac…

By making email communications and attachments available within the Egnyte environment, AI tools can access a broader, more current set of project information.

“With Egnyte, users can break down these traditional silos to more confidently make business decisions and leverage AI directly where the data lives.

Egnyte also released new AI capabilities to power its AI Assistant.

By integrating these capabilities, Egnyte drives operational efficiencies for AEC firms by reducing the need to search across multiple systems and enabling valuable insights grounded in real project data.

Instead of copying data into new systems, Egnyte brings AI directly to the source, improving decisions and enabling …

A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI.

The generated phishing emails also scored much higher for personalization than phishing emails collected from the APWG eCrime Exchange dataset, a repository purpose-built for cybercrime event data exchange.

Few social posts provide enough phishing contextThe researchers also studied how people reacted to the phishing emails.

They reviewed both AI-generated phishing emails and phishing emails taken from APWG datasets.

The group found the AI-generated phishing emails more difficult to identify than the phishing emails from the APWG dataset.

Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal.

Example of an application scenario for AccLock (Source: Research paper)What the system doesEach heartbeat sends a small mechanical pulse through the body.

That is the entire point of continuous authentication, and on this one task the design held up well.

A background refresh routine using high-confidence samples seems to keep the profile current, but the study only ran for two months.

A small group of users also produced consistently worse results than the rest, likely due to anatomy and how the earbud sits in the ear.

NTT DATA’s 2026 Global AI Report A Playbook for Private and Sovereign AI examined these conditions in more than 2,500 organizations.

About 35% of CAIOs identify enabling private and sovereign AI as their biggest barrier to adoption, often requiring significant changes to infrastructure.

Sovereign AI adds demands around where data resides, how it moves between regions, and where AI systems can process it.

Organizations expand planning around AI controlAbout 95% of organizations consider private or sovereign AI important to their AI strategy, and 96% are considering relocating AI infrastructure to specific regions because of geopolitical pressures and supply chain concerns.

Organizations are …

Cyber Security EngineerMater Private Network | Ireland | Hybrid – View job detailsAs a Cyber Security Engineer, you will lead the deployment of security solutions, including PAM, EDR, and other enterprise security tools.

Cyber Security EngineerNSW Police Force | Australia | On-site – View job detailsAs a Cyber Security Engineer, you will implement and maintain technical security controls that protect digital infrastructure, applications, and data.

Cybersecurity EngineerMED-EL | Austria | On-site – View job detailsAs a Cybersecurity Engineer, you will implement, manage, and improve security technologies across the enterprise, including EDR/XDR, SIEM, vulnerability management, and cloud secur…

It’s nasty, but it requires physical access to the computer:The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse.

It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM).

BitLocker is a mandatory protection for many organizations, including those that contract with governments.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Some AI-based video age-verification checks can be fooled with a fake mustache.

Upcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak:I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Association of New York, at 6:00 PM ET on May 21, 2026.

I’m speaking at the Potsdam Conference on National Cybersecurity at the Hasso Plattner Institut in Potsdam, Germany.

The event runs June 24–25, 2026, and my talk will be the evening of June 24.

I’m speaking at the Digital Humanism Conference in Vienna, Austria, on Tuesday, June 26, 2026.

I’m speaking at the Nuremberg Digital Festival in Nuremburg, Germany, on Wednesday, July 1, 2026.

While Anthropic’s model is really good at finding software vulnerabilities, so are other models.

The UK’s AI Security Institute found that OpenAI’s GPT-5.5, already generally available, is comparable in capability.

The tax code isn’t computer code, but it’s a series of algorithms with inputs and outputs.

As goes the tax code, so goes any other complex system of rules and strategies.

We’re seeing it right now in the deluge of software vulnerabilities that these models are finding and exploiting.

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security VulnerabilitiesThe UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos.

Note that the OpenAI model is generally available.

And here is an analysis of a smaller, cheaper model.

It requires more scaffolding from the prompter, but it is also just as good.

Posted on May 13, 2026 at 7:03 AM • 0 Comments

TL;DRcopy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack.

Kubernetes Pod Security Standards (Restricted) and the default RuntimeDefault seccomp profile do not block the syscall used.

A custom seccomp profile is needed.

“Local privilege escalation” sounds dry, so let me unpack it.

They all share one Linux kernel with their neighbours.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Friday Squid Blogging: Giant Squid Live in the Waters of Western AustraliaEvidence of them has been found by analyzing DNA in the seawater.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Posted on May 8, 2026 at 5:03 PM • 2 Comments

Insider trading is rife on Polymarket:Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—­defined as wagers of $2,500 or more at odds of 35 percent or less—­on the platform had an average win rate of around 52 percent in markets on military and defense actions.

That compares with a win rate of 25 percent across all politics-focused markets and just 14 percent for all markets on the platform as a whole.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

A new rowhammer attack gives complete control of NVIDIA CPUs.

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—­and potentially much more consequential—­territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine.

For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings.

“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the papers.

Unlike the previous two, the res…

DarkSword is a sophisticated piece of malware—probably government designed—that targets iOS.

Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices.

Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword.

These threat actors have deployed the exploit chain against targets in Saudi Arabia, Turkey, Malaysia, and Ukraine.

The proliferation of this single exploit chain across disparate threat actors mirrors the previously discovered Coruna iOS exploit kit.

Hacking PolymarketPolymarket is a platform where people can bet on real-world events, political and otherwise.

Leaving the ethical considerations of this aside (for one, it facilitates assassination), one of the issues with making this work is the verification of these real-world events.

Polymarket gamblers have threatened a journalist because his story was being used to verify an event.

And now, gamblers are taking hair dryers to weather sensors to rig weather bets.

Posted on May 4, 2026 at 5:46 AM • 0 Comments

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code.

May’s Patch Tuesday is a welcome respite from April, which saw Microsoft fix a near-record 167 security flaws.

But at the end of April, Oracle announced it was switching to a monthly update cycle for critical security issues.

Chrome automagically downloads available security updates, but installing them requires fully restarting the browser.

For a more granular look at the Microsoft updates released today, checkout this inventory by the SANS Internet Storm Center.

The stated deadline for payment was initially set at May 6, but it was later pushed back to May 12.

The May 6 update stated that Canvas was fully operational, and that Instructure was not seeing any ongoing unauthorized activity on their platform.

Instructure responded by pulling Canvas offline and replacing the portal with the message, “Canvas is currently undergoing scheduled maintenance.

Data extortion groups like ShinyHunters will typically only remove victims from their leak sites after receiving an extortion payment or after a victim agrees to negotiate.

Last month, ShinyHunters relieved the home security giant ADT of personal information on 5.5 million customers.

For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs.

The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider.

But so-called “DNS reflection” attacks rely on DNS servers that are (mis)configured to accept queries from anywhere on the Web.

“We received and notified many Tier 1 upstreams regarding very very large DDoS attacks against small ISPs,” Nascimento said.

Nascimento flatly denied being involved in DDoS attacks against Brazilian operators to generate business for his company’s services.

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft.

FBI investigators tied Buchanan to the 2022 SMS phishing attacks after discovering the same username and email address was used to register numerous phishing domains seen in the campaign.

That same year, U.K. investigators found a device at Buchanan’s Scotland residence that included data stolen from SMS phishing victims and seed phrases from cryptocurrency theft victims.

Buchanan is the second known Scattered Spider member to plead guilty.

Two other alleged Scattered Spider members will soon be tried in the United Kingdom.

“This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said.

Satnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for Microsoft.

Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.

Adam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities.

For example, a Google Chrome update released earlier t…

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today.

The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

Instead, they used known vulnerabilities to modify the Domain Name System (DNS) settings of the routers to include DNS servers controlled by the hackers.

English said the routers attacked by Forest Blizzard were reconfigured to use DNS servers that pointed to a handful of virtual private servers controlled by …

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face.

Shchukin’s name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang’s activities.

The Gandcrab ransomware affiliate program first surfaced in January 2018, and paid enterprising hackers huge shares of the profits just for hacking into user accounts at major corporations.

The Gandcrab team would then try to expand that access, often siphoning vast amounts of sensitive and internal documents in the process.

REvil never recovered f…

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP.

TeamPCP then attempted to move laterally through victim networks, siphoning authentication credentials and extorting victims over Telegram.

Eriksen said it appears TeamPCP used access gained in the first attack on Aqua Security to perpetrate this weekend’s mischief.

“It’s a little all over the place, and there’s a chance this whole Iran thing is just their way of getting attention,” Eriksen said.

“While security firms appear to be doing a good job spotting this, we’re also gonna need GitHub’s security team to step up,” Cimpanu wrote.

The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.

The government alleges the unnamed people in control of the four botnets used their crime machines to launch hundreds of thousands of DDoS attacks, often demanding extortion payments from victims.

The oldest of the botnets — Aisuru — issued more than 200,000 attacks commands, while JackSkid hurled at least 90,000 attacks.

Aisuru emerged in late 2024, and by mid-2025 it was launching record-breaking DDoS attacks as it rapidly infected new IoT devices.

That disclosure help…

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan.

Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency.

In a lengthy statement posted to Telegram, an Iranian hacktivist group known as Handala (a.k.a.

Palo Alto says Handala surfaced in late 2023 and is assessed as one of several online personas maintained by Void Manticore, a MOIS-affiliated actor.

The security firm said Handala also has taken credit for recent attacks against fuel systems in Jordan and an Israeli energy exploratio…

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software.

It would hardly be a proper Patch Tuesday without at least one critical Microsoft Office exploit, and this month doesn’t disappoint.

Ben McCarthy, lead cyber security engineer at Immersive, called attention to CVE-2026-21536, a critical remote code execution bug in a component called the Microsoft Devices Pricing Program.

Microsoft has already resolved the issue on their end, and fixing it requires no action on the part of Windows users.

For a complete breakdown of all the patches Microsoft released today, check out the SANS Internet Storm Center’s Patch Tues…

The new hotness in AI-based assistants — OpenClaw (formerly known as ClawdBot and Moltbot) — has seen rapid adoption since its release in November 2025.

“The testimonials are remarkable,” the AI security firm Snyk observed.

WHEN AI INSTALLS AIOne of the core tenets of securing AI agents involves carefully isolating them so that the operator can fully control who and what gets to talk to their AI assistant.

Probably the best known (and most bizarre) example is Moltbook, where a developer told an AI agent running on OpenClaw to build him a Reddit-like platform for AI agents.

Claude Code Security is a legitimate signal that AI is reshaping parts of the security landscape.

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet.

Dort was an extremely active player in the Microsoft game Minecraft who gained notoriety for their “Dortware” software that helped players cheat.

Dort also used the nickname DortDev, an identity that was active in March 2022 on the chat server for the prolific cybercrime group known as LAPSUS$.

Dort peddled a service for registering temporary email addresses, as well as “Dortsolver,” code that could bypass various CAPTCHA services designed to prevent automated account abuse.

The breach tracking service Constella I…

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms.

Enter Starkiller, a new phishing service that dynamically loads a live copy of the target login page and records everything the user types, proxying the data to the legitimate site and back to the victim.

According to an analysis of Starkiller by the security firm Abnormal AI, the service lets customers select a brand to impersonate (e.g., Apple, Facebook, Google, Microsoft et.

“Starkiller represents a significant escalation in phishing infrastructure, reflecting a broader trend toward commoditized, enterp…

Prosecutors allege he is "Speedstepper" - the suspected main administrator of the notorious Dream Market dark web marketplace that operated from 2013 until its abrupt closure in 2019.

Dream Market's cryptocurrency wallets, holding millions of dollars worth in commission payments, went dormant after the site's closure.

But in November and December 2022, someone who had access to Dream Market's original private keys began to move funds around.

And, according to the indictment, those gold bars were shipped directly to Andresen's home address in Germany.

If the claims of prosecutors are true, it was a massive error by the man suspected of being the Dream Market kingpin.

The only weapon is the hackers' threat to release stolen data, or leave your systems permanently encrypted.

Instead, they are making threats to hurt their victims.

A study last year by identity security firm Semperis found that 40% of ransomware attacks saw criminals threatening physical violence against employees who refused to pay.

Some of the most disturbing instances of cybercrime spilling out into physical violence can be found where cryptocurrency and organised crime intertwine.

With physical threats seemingly becoming more common than ever before, it's clearly important for defenders to learn some lessons.

I don't know.

Yeah, that's it, that's it.

Now, one of those in your— I was about to say Filofax, but I don't think those are a thing anymore.

But you know, yeah, as you point out, a large part of this is through the same ecosystem.

He is professor of letters at a— I don't know which letters, I imagine all of them— at a university in Besançon.

One in eight UK workers admits to selling their company login credentials - or knowing someone who has - in the past 12 months. The really alarming bit? Their bosses are even more relaxed about it. Read more in my article on the Fortra blog.

Russia's military intelligence service, the GRU, directly controls who gets into Department 4, according to the leak.

It is GRU that is overseeing exams, and signing-off on graduates' postings, with some promising students scouted as early as secondary school.

Upon his graduation, he is said to have been assigned to the Fancy Bear hacking group, which was linked by the US Department of Justice over the high profile hack of the Democratic National Committee.

He has, it seems, gone from running the Fancy Bear hacking group to helping train its replacements.

What the report does is act as a useful reminder that the threat posed by groups like Fancy Bear and Sandworm is serious and organised.

Sri Lankan police have arrested 37 people suspected of running a scam centre in a suburb of the capital city Colombo.

Prior to that, in March, immigration officers arrested 135 Chinese men and women in connection with another scam centre.

So the obvious question to ask is: what are these alleged scam centres suspected of being doing?

Sri Lanka has recently boosted its appeal to foreign tourists by relaxing visa requirements, and has been "rewarded" by more scam centers popping up in its cities residential suburbs.

You don't have to live anywhere near a scam compound for any of this to land in your life.

Meta sees everything, copy fail, and a deepfake gets hired with Graham Cluley and special guest Paul Ducklin.

Sometimes I have to whisper and sometimes the whisper is edited out afterwards, say, "Say who you are."

They had this secret memo where they said, "Look, there's going to be a bit of aggro when we launch this.

So they say there's clear user consent, they say.

And we've got so many people that still don't know about the technology.

This is the picture that US prosecutors have painted of a teenager arrested earlier this month at Helsinki Airport while trying to board a flight to Tokyo.

Prosecutors allege that the teenage suspect took part in at least four Scattered Spider attacks , the earliest in March 2023 - just months after his 16th birthday.

The complaint also alleges that the Scattered Spider gang mocked law enforcement, with one 2024 screenshot reportedly showed failed login attempts captioned "F*** off, FBI."

Scattered Spider is a loosely-formed English-speaking collective of teenagers and young adults who became infamous after the 2023 attacks on MGM Resorts and Caesars Entertainment.

You should also consider …

US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes.

The messages, which began arriving on Monday, came signed by the Iran-linked Handala hacking group, that has spent much of 2026 attacking US and Israeli targets.

A day later, the Handala hacking crew took to its Telegram channel to announce that it had published the names and phone numbers of 2,379 US Marines stationed in the Persian Gulf.

Handala, which first surfaced in late 2023, presents itself as a pro-Palestinian hacktivist group.

If a Marine receives a WhatsApp message naming them and threatening their family, it does not really ma…

All this and more in episode 465 of the “Smashing Security” podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

34-year-old Xu Zewei arrived in Houston, Texas at the weekend after Italian authorities approved his extradition to the United States.

The US Department of Justice alleges that Xu was following orders from officers at the Shanghai State Security Bureau, an arm of China's Ministry of State Security.

According to the FBI, Hafnium targeted more than 60,000 organisations in the United States and successfully broke into over 12,700 of them.

The Chinese Foreign Ministry opposed Xu's extradition to the United States, and claimed that cases are being fabricated against Chinese citizens.

But every so often, a suspect makes the mistake of going on holiday somewhere with an extradition agreement with …

A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025 - including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees — has been arrested at his home in western France.

According to French prosecutors, the man was reportedly preparing to dump yet another collection of stolen data online at the time of his arrest on 20 April, and has admitted to using the pseudonym "HexDex" online.

The police investigation began on 19 December last year, when the Paris prosecutor's cybercrime unit received around 100 reports of data exfiltration, all apparently linked to the same perpetrator.

In an interview g…

Yeah, yeah.

Yeah, yeah.

As a journalist, this really, really bugs me because of course, it's really difficult when you cover these cybercrime incidents because the victim here, is it P3?

And the company have been clearly really, really terrible in transparency.

Yeah, yeah, yeah.

Garrett Dutton, better known as G. Love - the front man of blues-hip-hop outfit G. Love & Special Sauce - has learnt that lesson the hard way.

In what must have been a painful admission earlier this month, G. Love described how while setting up a new computer, he downloaded what he believed was the legitimate Ledger Live app from Apple's official App Store.

The bogus app tricked the singer into entering his seed phrase - the master key to his cryptocurrency holdings.

The real Ledger Live app will never ask you for your seed phrase.

In the past Apple has presented its App Store as a more secure and safer place to find and download apps than other operating systems.

Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time. Because newly released research reveals that hackers may already have beaten you to it. Read more in my article on the Fortra blog.

При этом большая часть из них — семейные, используемые совместно с близкими… и не очень: 37% пользователей делятся своими подписками за пределами семьи.

Сегодня расскажем, как безопасно управлять подписками, избежать взлома всех ваших аккаунтов и не попасться на удочку злоумышленников.

Как делятся подписками с близкими и не оченьМногие владельцы подписок с легкостью делятся ими с членами семьи и друзьями.

Самый худший вариант с точки зрения безопасности — когда покупается один подписной аккаунт и владелец передает логин и пароль другим пользователям.

Если вы и ваши близкие храните пароли «в голове», то вероятность того, что вы используете один и тот же пароль в разных сервисах, весьма велик…

Но в этом посте я хочу рассказать о Kaspersky Container Security (KCS) не как представитель вендора, а скорее как член команды, активно использующей это решение в повседневной работе.

Но Kaspersky Container Security (KCS) — это скорее платформа для защиты контейнерной среды, которая закрывает сразу несколько задач, встраиваясь в контейнерный контур целиком.

Когда у команды сотни сборок, одного периодического сканирования реестра уже мало и это всегда требует ручного вмешательства.

Чем KCS полезен в наших сценарияхУ нас работает своя система композиционного анализа, поэтому мы не смотрим на KCS как на единственный источник истины.

Почему мы смотрим на KCS не только как на сканерЕще один силь…

Да, за рулем все еще водитель, но он там скорее для страховки, так что появление настоящего беспилотного авто — это лишь вопрос времени.

Для производителя это означает ответственность за поведение автомобиля на дороге и за выбор поставщиков.

Обеспечение безопасности автомобиля в современных условияхДолгое время, когда речь шла о безопасности автомобиля, имелась в виду исключительно функциональная безопасность.

Контроль осуществляется на разных уровнях архитектуры: внутри доменов, на уровне отдельных контроллеров и на границе сетей.

В рамках этой статьи мы рассмотрели лишь часть подходов, которые сегодня применяются в KASG для обеспечения безопасности транспортных средств.

Поэтому при внедрении собственных ИИ-серверов и их вспомогательных систем (RAG, MCP и так далее) необходимо с самого начала внедрять строгие меры безопасности.

В ответ на запросы он отчитывается о доступности серверов Ollama, LM Studio, AutoGPT, LangServe, text-gen-webui, которые часто используются для «обвязки» запущенных локально ИИ-моделей.

Дополнительно сервер-приманка отчитывался о наличии разнообразных баз данных RAG и MCP-сервера с привлекательными возможностями вроде «get_credentials» (получить учетные данные).

На самом деле на Raspberry PI просто были сохранены 500 ответов настоящей модели Qwen3, из которых несложный скрипт выбирал наиболее подходящий с учетом присланного запроса.

…

Кроме того, взлом паролей ускоряется из года в год: в нашем аналогичном исследовании 2024 года процент паролей, нестойких ко взлому, был ниже.

К сожалению, многие пользователи хранят свои пароли в открытом виде в заметках, сообщениях в мессенджерах, в документах, а также в браузерах, сохраненные пароли из которых злоумышленники вытаскивают за считаные секунды.

Не храните пароли в виде обычного текстаНи в коем случае не записывайте пароли в файлах, сообщениях и документах — они не защищены должным шифрованием, как в менеджере паролей.

Не храните пароли в браузерахМногие пользователи сохраняют свои пароли в браузерах — тем более что те любезно позволяют делать это автоматически.

Важно соблюда…

К сожалению, создатели зловредов уже не первый раз находят способы обойти эту защиту, так что секреты, хранящиеся в Chrome, опять под угрозой.

Как работает шифрование с привязкой к приложению в ChromeGoogle представила механизм шифрования с привязкой к приложению (Application-Bound Encryption) в июле 2024 года в 127-й версии браузера Chrome.

Мы уже подробно рассказывали, что представляют собой эти файлы и к чему может привести их кража, поэтому здесь лишь кратко напомним основные факты.

Дело в том, что в данной ОС Chrome использовал только стандартный встроенный механизм защиты данных Data Protection API (DPAPI).

В теории это должно было заметно усложнить атаки на Chrome и снизить эффективн…

Наши эксперты обнаружили масштабную атаку на цепочку поставок через ПО для эмуляции оптического дисковода DAEMON Tools.

Кого именно атакуютС начала апреля было зарегистрировано несколько тысяч попыток установки дополнительной вредоносной нагрузки через зараженное ПО DAEMON Tools.

Что именно было зараженоВредоносный код был обнаружен в DAEMON Tools начиная с версии 12.5.0.2421 и до 12.5.0.2434.

Если у вас на компьютере (или где-то в организации) используется ПО DAEMON Tools, наши эксперты рекомендуют тщательно проверить устройства на наличие аномальной активности начиная с 8 апреля.

Наши решения успешно защищают пользователей от всего вредоносного ПО, используемого в атаке на цепочку поставо…

Практически в каждом фильме или сериале из вселенной «Звездных войн» присутствуют дроиды.

Кто-то, наверное, скажет: «Да какая разница?» И с точки зрения нормального зрителя будет абсолютно прав.

Дроид — сложная киберфизическая система, повлияв на мотивацию которой атакующий может получить доступ к конфиденциальным данным, а то и вовсе причинить вред настоящему владельцу.

В нескольких случаях человек, не являющийся формальным владельцем дроида, старается повлиять на его поступки, пытаясь ввести дроида в заблуждение.

Ферн вводит в дискуссию понятие из детских игр — unclaimsies (то есть как бы обнуление прав) и заявляет собственные права на место капитана.

Динамически обновляемый контентКорреляционный контент сегодня — это не статичный набор правил, а процесс: он постоянно развивается и адаптируется под актуальные угрозы.

Только за 2025 год мы выпустили 55 обновлений пакетов правил для разных версий и разных языков нашей SIEM-системы KUMA.

Всего за год добавилось 10 новых пакетов, а также 250 правил обнаружения и множество улучшений существующего контента.

Эффективность работы KUMA повышается за счет интеграции с Kaspersky EDR и отдельными наборами правил для Active Directory, в которых реализованы десятки сценариев обнаружения атак на разных стадиях.

В целом SIEM перестает быть набором правил и превращается в постоянно обновляемую систему об…

В случае если авто или его владелец потенциально связаны с преступлением, автомобиль могут изучать не только под микроскопом и ультрафиолетом.

Комплексная слежкаДля слежки за «лицами, представляющими интерес», данные, полученные с самого автомобиля, связывают с информацией из других источников.

Журналисты обнаружили, что некоторые компании рекламируют возможность дистанционного скрытного включения микрофонов и камер автомобиля, что позволяет прослушивать разговоры в реальном времени.

Если это приложение вам очень нужно, откажитесь от передачи своих данных «на сторону» в настройках фирменного приложения.

Откажитесь от передачи данных и в настройках самого автомобиля, если это возможно.

Например, приложение, которое обрабатывает конфиденциальные данные организации, опубликовано на публичном конструкторе вайб-код-приложений (Lovable и ему подобным) и по умолчанию доступно всему Интернету.

Нельзя один раз проделать упражнение «защита приложения» и на этом остановиться.

Всегда просите ИИ добавлять проверки для любых данных, которые вводят люди (как в формы, так и в строки поиска).

Тестируйте новые функции и новые версии приложения в безопасной среде — на копии сайта или приложения и на копии базы данных.

С помощью сканера вы проследите, чтобы файлы с ключами и паролями не попадали в Git и не публиковались вместе с проектом.

Преступники внедряют уже известные трюки в новые цепочки атак, в том числе ловят жертв в App Store.

Подделки под криптокошелькиВ марте этого года мы обнаружили в топе китайского App Store фишинговые приложения, иконки и названия которых мимикрируют под приложения для управления распространенными криптокошельками.

Чтобы приложения были пропущены в App Store, в них добавляли какую-либо базовую функциональность, например игру, калькулятор или планировщик задач.

Установка без App StoreКлючевой частью схемы является установка вредоносов на iPhone жертв в обход App Store и его процесса верификации.

Такие приложения не требуют публикации в App Store, и их можно устанавливать без ограничений по кол…

Возможно, именно это в какой-то мере сформировало их отношение к информации и сподвигло заняться ее защитой.

То есть, по сути, описана виртуальная реальность, неотличимая от настоящей (и это за 35 лет до «Матрицы»).

«Нейромант» (1984)«Нейромант» — книга, опубликованная в 1984 году и, по сути, положившая начало популярности жанра «киберпанк» (хотя само слово было изобретено немного раньше).

И эту идею отложили в долгий ящик, и она до сих пор так и не реализовалась.

Это уже не фантастика, и в этой подборке он стоит скорее для контраста.

Такие документы — лакомый кусочек для злоумышленников, ведь в них хранятся личные данные, информация о работе, доходах, собственности и банковских счетах — и далее по списку.

Неудивительно, что именно в это время мошенники становятся особенно активными: Интернет сейчас буквально кишит поддельными сайтами, имитирующими государственные ресурсы и налоговые органы.

В этом посте рассказываем, как действуют поддельные сайты от «налоговых органов» в разных странах и чего делать точно не стоит, чтобы сохранить свои деньги и конфиденциальную информацию.

На подобных сайтах-подделках мошенники крадут учетные данные от легитимных сайтов и личную информацию, а затем предлагают оформить налоговый вычет и…

Today we’re releasing our new AI-powered DNS defense platform, available within Cisco Secure Access and powered by Cisco Talos intelligence.

How Cisco disrupts the ransomware lifecycle (DNS focus)Cisco Talos DNS Security (fully integrated into Cisco Secure Access) detects obfuscated data hidden in DNS packets, the core of internet communication.

Through Talos DNS Security, Talos’ custom built machine learning models detect the unique “lexical texture” of algorithmically generated domains (DGA) used by attackers.

Through Talos DNS Security, Talos’ custom built machine learning models detect the unique “lexical texture” of algorithmically generated domains (DGA) used by attackers.

Learn more …

This is also why zero trust architecture matters, shifting from assumed trust to continuous verification with systems built to withstand failure.

Being ready for the long gamePreparing for state-sponsored threats means closing gaps before an incident, not during one.

Behavioural baseline : Continuously updated behavioral baselines help surface low and slow activity, especially credential abuse that leaves no malware trace.

OT and ICS readiness : OT environments need hardware-enforced separation, as well as established response procedures.

Supply chain and insider threats: supply chains need mapped vendor access and SBOMs, and insider risk demands cross-functional hiring verification and pre…

The Missing Surface: Security ContextAsk a SOC analyst what they need from a security platform and you get consistent answers.

Cisco Secure Access now includes Security Insights: a security analytics dashboard that surfaces where risk is concentrated, helps teams identify emerging threats and policy gaps, and gives security leadership the trend data to report on posture and measure the impact of initiatives over time.

Secure Access addresses this through the AI view, which tracks GenAI application usage and guardrail violations alongside the rest of security operations.

Security Insights gives analysts the signals to start an investigation, security managers the view to close policy gaps, a…

The integrity of the systems we depend on, the trust layer underneath everything, is equally exposed.

This integrates naturally with external key management systems, including Quantum Key Distribution platforms for the most sensitive environments.

In the meantime, visit the Cisco Trust Center to learn more about our PQC approach and stay ahead of what’s coming.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Cisco Catalyst SD-WAN for Government integration with Cisco Secure Access FedRAMP instances: Government agencies require secure, compliant networking solutions that meet stringent federal security standards.

Cisco Catalyst SD-WAN for Government now integrates with Cisco Secure Access FedRAMP instances, enabling government organizations to maintain secure connectivity while ensuring compliance with federal security standards.

Policy groups in Cisco Catalyst SD-WAN Manager enable agencies to define IPSec tunnels and connection parameters to Secure Access instances, ensuring secure and compliant access across their network infrastructure.

AI application classification and shadow AI control: Ci…

With modular N+1 clustering (supporting up to 16 nodes), the 6100 Series scales to up to 8 Tbps of L7 throughput.

Using our AI-driven Encrypted Visibility Engine (EVE), the 6100 Series identifies threats in encrypted traffic without decryption, preserving privacy and line-rate speed.

Because at this scale, security shouldn’t hold you back—it should help you move faster.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Cisco Secure Firewall uses encryption for many things: VPN tunnels, remote management, hardware-level trust, and inline decryption.

They also define stronger baselines of security for existing algorithms, which are already incorporated into Cisco Secure Firewall.

Support arrives in Secure Firewall Threat Defense (FTD) 10.5 and ASA 9.25, targeted for General Availability in late 2026.

PQC support for TLS client features is planned for ASA/FTD 11.0, while management web server PQC support depends on underlying web server library readiness.

Cisco Secure Firewall is building post-quantum cryptography into every layer of the platform, so that when your organization is ready to make the transitio…

At this year’s Mobile World Congress in Barcelona, service providers showed up from around the world to join over 115,000 attendees from 210 countries.

We leveraged the lessons learned from previous SOC deployments, adding the new Secure Firewall 6160, which is designed specifically for AI-ready data centers.

Clockwise from the upper left quadrant: Firepower in Security Cloud Control, Splunk Cloud dashboard for MWC, Splunk Enterprise Security Mission Control and Cisco XDR.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Mobile World Congress (MWC) Barcelona is one of the most demanding environments for network and security operations.

For the 2nd year, the Cisco team leveraged Splunk, in addition to its other security products, to deliver a unified Security Operations Center (SOC) and Network Operations Center (NOC) experience.

Clockwise from the upper left quadrant: Firepower in Security Cloud Control, Splunk Cloud dashboard for MWC, Splunk Enterprise Security Mission Control and Cisco XDR.

Bridging SOC and NOC: From Visibility to ContextTraditionally, SOC and NOC teams operate in parallel, often using separate tools and datasets.

Edge engineering still matters in cloud-first architecturesComponents like …

Among the new security features, the one I was most eager to explore was Shadow Traffic detection.

Observing Shadow Traffic at scale on the live congress wireless network provided useful insight.

The Shadow Traffic dashboard put Tailscale VPN, ExpressVPN, and NordVPN at the top of the list.

Shadow Traffic detection conveniently labels the suspicious connections, making filtering in the Unified Events Viewer straightforward and precise.

With Shadow Traffic detection, you expand visibility into inspection gaps that most organizations don’t even realize they have.

Please note that the network of the venue remains protected at the DNS level by Cisco Secure Access outside the event.

Access to these AI models can be managed with Secure Access to secure AI apart from just leveraging AI for security.

During the event, Secure Access blocked access to one of those phishing domains.

Secure Access Investigate, as appearing above, provides real-time actionable threat intelligence by analysing global data from the Secure Access network using AI to detect, score, and predict emerging threats.

ConcludingThe AI-powered Security and Network Operations Center (S/NOC) at Mobile World Congress 2026 demonstrated Cisco’s commitment to leveraging cutting-edge technologie…

Data optimization in security is often discussed as a cost control mechanism.

In a Splunk security stack, data optimization is not about reducing volume.

Advanced Optimization Blind Spots in Splunk Security EnvironmentsData Model Acceleration Blindness: Aggressive filtering often breaks Common Information Model (CIM) compliance or data model population.

Security data optimization must include: Search workload modeling; concurrent triage simulation; adversary emulation exercises.

Final Thought and Call to ActionIn Splunk security architectures, data optimization is not a storage tuning exercise, finance initiative, or infrastructure refresh it is a security engineering discipline.

Every year, the Cisco Talos Year in Review captures the patterns shaping the threat landscape.

To unpack the biggest takeaways and what they mean for security teams, we brought together Christopher Marshall, VP of Cisco Talos, and Peter Bailey, SVP and GM of Cisco Security.

For the full discussion, head over to the Cisco Talos blog where you can also download the Year in Review report.

Old vulnerabilities, new speedMarshall: One of the clearest trends in this year’s data is the contrast in how vulnerabilities are being exploited.

Read full post on the Cisco Talos blogWe’d love to hear what you think!

Our research shows that nearly 60% of security leaders view security concerns as the primary barrier to broader agentic AI adoption.

At the exact same time, 29% rank securing agentic AI among their top three priorities for the coming year.

Much like a public-facing web service, an external AI agent can be attacked, exploited, or “poisoned” by malicious inputs.

The “Who Owns This?” ProblemAs agentic AI expands into operational systems, who is actually responsible for securing it?

Explore our Agentic AI Security Solution to learn more, or view the full survey results infographic.

Welcome to the Agentic AI EraEnterprise interest in agentic AI is accelerating.

AI agents operate at machine speeds to execute complex tasks, yet they completely lack essential human judgment and contextual awareness.

Current challenges in the agentic AI ecosystemWhen our teams were analyzing the problem around governing this new digital AI workforce, we saw three areas across our customer and prospect conversations on why zero trust access built for humans must adapt to agentic workflows:Early and fragmented ecosystem.

Zero trust for agentic AI in practiceLet’s look at a typical scenario — a financial automation agent kicking off vendor payments.

We are thrilled to partner with AI-driven o…

Directory discovery and persistenceFollowing the initial identity takeover, the threat actor conducted directory discovery using Microsoft Graph API.

We assess that this behavior reflects an attempt to identify opportunities for lateral movement from a compromised cloud identity into the endpoint network.

However, the threat actor wasn’t able to retrieve the secrets because the managed identity lacked the required permissions.

Learn moreFor the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog.

To hear stories and insights from the Microsoft Threat Intelligence community about the ever-evolving threat landscape, liste…

In celebrating National Small Business Month, we want to acknowledge the unique challenges that growing business leaders face as AI creates both opportunity and risk.

Cybersecurity—from IT issue to business riskToday’s cybersecurity landscape is defined by speed, scale, and automation—trends that disproportionately affect growing businesses.

Even short disruptions can have outsized consequences for growing businesses, from lost revenue and stalled growth to reputational damage that’s hard to repair.

Microsoft Security is built with this in mind, offering integrated, easy‑to‑manage protections that help safeguard devices, identities, email, and cloud apps without adding unnecessary complexit…

Designing Secure Autonomous AI Agents with Defense in DepthAI agents are moving beyond assistance and into action.

Security for agentic AI relies on defense in depth.

Pattern 1: Design agents like microservicesThe most consequential application layer decision is action scope: how broadly you define an agent’s responsibilities.

To implement Pattern 1: Agents as Microservices and Pattern 2: Least permissions, agents must never have the same identity as the user.

As organizations deploy more agentic AI systems, the question is not whether agents will make mistakes.

Designing Secure Autonomous AI Agents with Defense in DepthAI agents are moving beyond assistance and into action.

Security for agentic AI relies on defense in depth.

Pattern 1: Design agents like microservicesThe most consequential application layer decision is action scope: how broadly you define an agent’s responsibilities.

To implement Pattern 1: Agents as Microservices and Pattern 2: Least permissions, agents must never have the same identity as the user.

As organizations deploy more agentic AI systems, the question is not whether agents will make mistakes.

By separating responsibilities across Kernel, Bridge, and Worker modules and restricting external communications to a single elected leader, Kazuar reduces its observable footprint.

Type: KernelThe Kernel module serves as the central coordinator for the botnet.

Leadership electionOne of the methods that Kazuar uses to limit external communication is to use a single Kernel leader per botnet.

Botnet operationsWith the botnet setup complete, configurations instantiated, and a leader elected, Kazuar transitions into its steady state operational phase.

The Kernel module task handler has a few additional functions that handle commands issued from the leader Kernel module.

By separating responsibilities across Kernel, Bridge, and Worker modules and restricting external communications to a single elected leader, Kazuar reduces its observable footprint.

Type: KernelThe Kernel module serves as the central coordinator for the botnet.

Leadership electionOne of the methods that Kazuar uses to limit external communication is to use a single Kernel leader per botnet.

Botnet operationsWith the botnet setup complete, configurations instantiated, and a leader elected, Kazuar transitions into its steady state operational phase.

The Kernel module task handler has a few additional functions that handle commands issued from the leader Kernel module.

In this blog, we look at examples of exploitable misconfigurations we’ve observed in some of the popular AI applications and platforms.

Defender for Cloud signals indicate that more than half of cloud-native workload exploitations, including AI applications, stem from misconfigurations.

Exploitable misconfigurations in popular AI applicationsIn the following sections, we discuss examples of exploitable misconfigurations found in popular applications and platforms across the AI and agentic ecosystem.

Learn moreFor the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog.

To hear stories and insights from the Microsoft Thr…

In this blog, we look at examples of exploitable misconfigurations we’ve observed in some of the popular AI applications and platforms.

Defender for Cloud signals indicate that more than half of cloud-native workload exploitations, including AI applications, stem from misconfigurations.

Exploitable misconfigurations in popular AI applicationsIn the following sections, we discuss examples of exploitable misconfigurations found in popular applications and platforms across the AI and agentic ecosystem.

Learn moreFor the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog.

To hear stories and insights from the Microsoft Thr…

Yet, despite their importance, high‑quality security attack logs are notoriously difficult to collect, especially at scale.

In this post, we explore a different path: using AI to generate realistic, high‑fidelity synthetic security attack logs.

This blog examines whether AI-assisted synthetic log generation can provide similar fidelity, without the operational overhead of lab‑based attack execution.

We limited the evaluation of synthetic attack logs to malicious activity during the attack windows.

Overall, agentic collaboration emerges as the most effective technique for high‑quality synthetic attack logs generation.

Yet, despite their importance, high‑quality security attack logs are notoriously difficult to collect, especially at scale.

In this post, we explore a different path: using AI to generate realistic, high‑fidelity synthetic security attack logs.

This blog examines whether AI-assisted synthetic log generation can provide similar fidelity, without the operational overhead of lab‑based attack execution.

We limited the evaluation of synthetic attack logs to malicious activity during the attack windows.

Overall, agentic collaboration emerges as the most effective technique for high‑quality synthetic attack logs generation.

They used the new Microsoft Security multi-model agentic scanning harness (codename MDASH) which was built by Microsoft’s Autonomous Code Security team.

Codename MDASH is being used by Microsoft security engineering teams and tested by a small set of customers as part of a limited private preview.

Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harnessCodename MDASH is, at its core, an agentic vulnerability discovery and remediation system.

The findings in this Patch Tuesday and the retrospective recall on five years of CLFS MSRC cases are evidence that AI vulnerability findings can scale.

ConclusionThe Microsoft Security multi-model agentic scanning harness (codename …

They used the new Microsoft Security multi-model agentic scanning harness (codename MDASH) which was built by Microsoft’s Autonomous Code Security team.

Codename MDASH is being used by Microsoft security engineering teams and tested by a small set of customers as part of a limited private preview.

Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harnessCodename MDASH is, at its core, an agentic vulnerability discovery and remediation system.

The findings in this Patch Tuesday and the retrospective recall on five years of CLFS MSRC cases are evidence that AI vulnerability findings can scale.

ConclusionThe Microsoft Security multi-model agentic scanning harness (codename …

If you own, create, or maintain online services and web portals, you’re probably aware of the dramatic upswing in DDoS attacks on your domains.

Whether you are responsible for a single public website or a large portfolio of consumer-facing applications, defending against modern DDoS attacks means more than just absorbing traffic.

The nature of modern DDoS attacksEarly DDoS attacks were largely about volume.

Modern DDoS attacks are more nuanced.

When attack traffic looks like normal user traffic, typical network-level blocklists aren’t very effective.

Days 40–60: Lateral movement and remote accessThe threat actor leveraged harvested credentials and covert connectivity to move laterally across devices, including highly sensitive assets.

Initial accessDuring the investigation, two internet-exposed web servers, WEB-01 and WEB-02, were identified as the earliest known compromised assets.

Enable detailed logging and monitoring on web servers and actively watch for anomalies (such as unexpected file changes or suspicious web requests).

Learn moreFor the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog.

To hear stories and insights from the Microsoft Threat Intelligence …

Here, threat actors may simply seed prompt injections on websites in hope of corrupting AI systems that browse them.

Early experiments revealed a significant volume of "benign" prompt injection text, which illustrates the complexity of distinguishing between functional threats and harmless content.

Many prompt injections were found in research papers, educational blog posts, or security articles discussing this very topic.

(Source: GitHub/swisskyrepo)When searching for prompt injections naively, the majority of detections are benign content – false positives in our case.

Malicious: ExfiltrationWe were able to observe a small number of prompt injections that aim at theft of data.

Recognizing the risks associated within the complex modem firmware, Pixel 9 shipped with mitigations against a range of memory-safety vulnerabilities.

Following our previous discussion on "Deploying Rust in Existing Firmware Codebases", this post shares a concrete application: integrating a memory-safe Rust DNS(Domain Name System) parser into the modem firmware.

Hook-up Rust to modem firmwareBefore building the Rust DNS library, we defined several Rust unit tests to cover basic arithmetic, dynamic allocations, and FFI to verify the integration of Rust with the existing modem firmware code base.

Pixel modem firmware already has a well-tested and specialized global memory allocation system to…

This project represents a significant step forward in our ongoing efforts to combat session theft, which remains a prevalent threat in the modern security landscape.

Session theft typically occurs when a user inadvertently downloads malware onto their device.

Once active, the malware can silently extract existing session cookies from the browser or wait for the user to log in to new accounts, before exfiltrating these tokens to an attacker-controlled server.

How DBSC WorksDBSC protects against session theft by cryptographically binding authentication sessions to a specific device.

The issuance of new short-lived session cookies is contingent upon Chrome proving possession of the correspondi…

Staying ahead of the latest indirect prompt injection attacks is critical to our mission of securing Workspace with Gemini.

In our previous blog “Mitigating prompt injection attacks with a layered defense strategy”, we reviewed the layered architecture of our IPI defenses.

Synthetic data generationAfter we discover, curate, and catalog new attacks, we use Simula to generate synthetic data expanding these new attacks.

We partition the synthetic data described above into separate training and validation sets to ensure performance is evaluated against held-out examples.

This process leverages the newly generated synthetic attack data described on this blog, to create a robust, end-to-end evalu…

2025 marked a special year in the history of vulnerability rewards and bug bounty programs at Google: our 15th anniversary 🎉🎉🎉!

Coming back to 2025 specifically, our VRP once again confirmed the ongoing value of engaging with the external security research community to make Google and its products safer.

Vulnerability Reward Program 2025 in NumbersWant to learn more about who’s reporting to the VRP?

Tip: Want to be informed of new developments and events around our Vulnerability Reward Program?

Follow the Google VRP channel on X to stay in the loop and be sure to check out the Security Engineering blog, which covers topics ranging from VRP updates to security practices and vulnerability des…

To stay ahead of the curve, the technology industry must undertake a proactive, multi-year migration to Post-Quantum Cryptography (PQC).

To bring these critical protections to the wider developer community with minimal friction, the transition will be supported through Play App Signing.

Play App Signing leverages Google Cloud KMS, which helps ensure industry-leading compliance standards, to secure signing keys.

Empower Developers : The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and application.

: The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and …

Today we're announcing a new program in Chrome to make HTTPS certificates secure against quantum computers.

Instead, Chrome, in collaboration with other partners, is developing an evolution of HTTPS certificates based on Merkle Tree Certificates (MTCs), currently in development in the PLANTS working group.

Since MTC technology shares significant architectural similarities with CT, these operators are uniquely qualified to ensure MTCs are able to get off the ground quickly and successfully.

The Chrome Quantum-resistant Root Program will operate alongside our existing Chrome Root Program to ensure a risk-managed transition that maintains the highest levels of security for all users.

First, we…

For Majik, Scam Detection was the intervention he needed: “The warning is what made me pause and avoid a bad situation”.

As scammers evolve their tactics and create more convincing and personalized threats, we’re using the best of Google AI to stay one step ahead.

Expanding Scam Detection for Calls to Samsung DevicesTo help protect you during phone calls, Scam Detection alerts you if a caller uses speech patterns commonly associated with fraud.

Scam Detection for phone calls on Google Pixel devices is available in the U.S., Australia, Canada, India, Ireland, and the UK.

Powered by Gemini’s on-device model, Scam Detection provides intelligent protection against scam calls while ensuring that…

Upgrading Google Play’s AI-powered, multi-layered user protectionsWe’ve seen a clear impact from these safety efforts on Google Play.

As Android’s built-in defense against malware and unwanted software, Google Play Protect now scans over 350 billion Android apps daily.

This proactive protection constantly checks both Play apps and those from other sources to ensure they are not potentially harmful.

Looking aheadOur top priority remains making Google Play and Android the most trusted app ecosystems for everyone.

Thank you for being part of the Google Play and Android community as we work together to build a safer app ecosystem.

That’s why we're committed to providing multi-layered defenses that help protect you before, during, and after a theft attempt.

Today, we're announcing a powerful set of theft protection feature updates that build on our existing protections, designed to give you greater peace of mind by making your device a much harder target for criminals.

These updates are now available for Android devices running Android 16+.

More User Control for Failed Authentications: In Android 15, we launched Failed Authentication Lock, a feature that automatically locks the device's screen after excessive failed authentication attempts.

This feature is now getting a new dedicated enable/disable toggle in settings,…

These initiatives, driven by Ballots SC-080, SC-090, and SC-091, will sunset 11 legacy methods for Domain Control Validation.

What’s Domain Control Validation?

Domain Control Validation is a security-critical process designed to ensure certificates are only issued to the legitimate domain operator.

Sunsetted methods relying on email:Sunsetted methods relying on phone:Sunsetted method relying on a reverse lookup:For everyday users, these changes are invisible - and that’s the point.

These changes push the ecosystem toward standardized (e.g., ACME), modern, and auditable Domain Control Validation methods.

Partnership with ArmOur goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats.

We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices.

This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.

This effort spans across Android and Android OEMs, and required close collaboration with Arm.

The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.

We built on Gemini's existing protections and agent security principles and have implemented several new layers for Chrome.

To further bolster model alignment beyond spotlighting, we’re introducing the User Alignment Critic — a separate model built with Gemini that acts as a high-trust system component.

A flow chart that depicts the User Alignment Critic: a trusted component that vets each action before it reaches the browser.

The User Alignment Critic runs after the planning is complete to double-check each proposed action.

Looking forwardThe upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same ri…

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle.

Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications.

To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps.

The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money.

We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps.

Secure by DesignWe built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products.

Secure Sharing Channel: The communication channel itself is hardened by our use of Rust to develop this feature.

On Android, security is built in at every layer.

On Android, security is built in at every layer.

Secure Sharing Using AirDrop's "Everyone" ModeTo ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode.