XPeng обещала «человекоподобную походку». Получилось человекоподобное падение.

Рассказываем, почему план Маска по захвату космоса нейросетями звучит как безумие (и почему это может сработать).

Этот прибор чувствует алкоголь в миллиардных долях. Буквально «одна капля на бассейн».

Скандал в Осло грозит изменить правила вручения наград навсегда.

Джентльменские соглашения в интернете официально аннулированы.

Всё о новых правилах жизни для голландских школьников в 2026 году.

Дуров нашел компромат на Цукерберга двадцатилетней давности.

Теперь каучук растет там, где выживают только верблюды.

Ученые создали 3D-карту недр Солнца.

Теперь любая парковка у секретного штаба считается серьёзным инцидентом.

В сеть утекли личные переписки 25 миллионов пользователей приложения Chat & Ask AI.

L3Harris начинает поставки высокоточных аппаратов для морпехов США.

Бюро опубликовало 10 ключевых мер для повышения киберустойчивости.

Anthropic и Пентагон не могут договориться, как ИИ будет использоваться в армии.

Если вам казалось, что это дело уже не сможет стать ещё безумнее, у нас плохие новости.

Чтобы предотвратить слив, важно понимать, как формируются внутренние риски, по каким признакам можно заметить подготовку утечки и на каких этапах можно её предотвратить.

Понимание того, почему и как формируется внутренний риск, позволяет сместить фокус с реакции на инцидент к его предотвращению.

Для этого важно рассматривать утечку не как разовое событие, а как процесс с понятной логикой, этапами и наблюдаемыми признаками.

Что делает клиентскую базу уязвимойЛюбая компания работает с разными видами информации: базами клиентов, контактами подрядчиков, маркетинговыми планами, договорами и так далее.

Передача конкурентуБаза даёт конкуренту понимание того, какие клиенты, на каких условиях и с ка…

А в декабре модуль памяти в 32 ГБ стоил как хорошая игровая приставка или новый ноутбук в не самой слабой комплектации.

Вслед за подорожанием памяти и процессоров начали повышать цены вендоры оборудования.

Но такая ситуация возникает на рынке не в первый раз, и в целом есть понимание, как будет разворачиваться ситуация.

Чего ждать в ближайшие годыВо многом последствия будут такие же, как в 1980-х.

В долгосрочной перспективе ускорится переход к более эффективным и лёгким библиотекам и фреймворкам и построенным на их основе микросервисным архитектурам на базе легковесных образов контейнеров».

Он в целом более стандартизован и типизирован, и методы киберпреступников таковы, что позволяют их использовать в отношении любых людей, в том числе абсолютно незнакомых.

В 2025 году, по оценке частного детектива Егора Гросмана, количество случаев шантажа в отношении жителей России выросло как минимум на 20 %.

В дальнейшем таких сотрудников могут использовать не только как источник данных, но и как активных участников атаки».

Юрист по судебным спорам компании «Интеллект-Право» Анастасия Тарасенко при этом призывает не грубить и не оскорблять злоумышленника.

Такие технологии существуют и для мессенджеров, например специальные боты для Telegram и встроенные средства «Семейная защита» для Max.

Чем больше новых возможностей появляется в ПО, особенно в сфере ИИ, тем дороже обходится «железо» под него.

Каждая система обрабатывает огромные массивы данных и анализирует их: это уже ресурсозатратные процессы, требующие большой вычислительной нагрузки.

Повлиять на стоимость аппаратных компонентов мы как производитель ПО не можем.

Такой подход, в том числе, позволил реализовать ту самую технологию гибридного хранения данных — и это стало залогом роста аналитических возможностей.

Освобождённые за счёт оптимизации ресурсы — это и есть пространство для развития продукта, которое не бьёт по бюджету.

В DevOps-среде компрометация приводит не к утечке кода, а к нарушению целостности артефактов сборки и программных компонентов, что затрагивает всю цепочку поставок.

Безопасность теперь должна отвечать не на вопрос «что агент сказал», а на вопрос «что он сделал, имел ли на это право и в каком контексте».

Вредоносные инструкции теперь внедряются не в прямой пользовательский запрос, а в контекст выполнения задачи, который агент считает доверенным.

Уязвимость была связана не с ошибкой модели, а с тем, что агент интерпретировал содержимое письма как допустимую инструкцию в рамках задачи.

Рынок защиты ИИ в России в 2026 году оценивается минимум в 1 млрд рублей, а к 2029 году прогнозируется рост д…

ФСТЭК России утвердила правила анализа защищённости: под проверку попали ИИ-системы, контейнеры и промышленная автоматизация.

Что конкретно изменится для ИБ-специалистов, проводящих или заказывающих проведение работ по анализу защищённости, и как новые требования могут повлиять на бюджет и сроки работ?

Для бизнеса и госкомпаний это означает, что под прицел проверки попадают те компоненты, которые часто внедрялись «экспериментально» и жили в полутени ИБ‑процессов.

Переход к зрелой и бизнес-ориентированной безопасностиНовая методика анализа защищённости формирует практический и риск-ориентированный подход к выявлению уязвимостей.

Роль экспертизы: как выбрать Исполнителя и не переплатитьКомпан…

ВведениеПредыдущее сравнение WAF на Anti-Malware.ru вышло до событий и перемен 2022 года, и в нём фигурировали главным образом зарубежные продукты и решения, которые доминировали тогда на рынке ИБ в целом и в отдельных его сегментах.

Сервисы класса WAF, в рамках которых файрвол веб-приложений предоставляется как услуга, в охват этого исследования не включаются.

Да Нет Да Поддержка JSON Да Да Да Да Да Проверка данных в запросах и ответах на соответствие JSON Schema Да Да Да Да Нет(только верификация формата) Поддержка разбора JSON Web Token (JWT) с проверкой его валидности Да Да Да Да Нет Поддержка REST Да Да Да Да Да Поддержка GraphQL Да Да Да Да Нет Поддержка BASE64 Да Да Да Да Да Поддержк…

Рынок ИБ в 2026 году требует стратегов, способных соединить глубокие технические знания с пониманием бизнеса и человеческого фактора.

Сергей Зеленин добавил, что в 2025 году на рынок вернулись люди, которые покинули Россию в 2022: это опытные специалисты.

Во втором опросе зрители поделились, на что они в первую очередь ориентируются при выборе программы обучения в ИБ (мультивыбор):На соотношение теория/практика — 68 %.

Сергей Зеленин: «Hard skills позволяют повысить вашу квалификацию, но именно soft skills станут главным помощником в карьерном продвижении как в ИБ, так и в ИТ в целом.

Четвёртый опрос показал, каково мнение зрителей о построении карьеры в ИБ после эфира:Будут внедрять то, о …

В процессе сертификации проводится тщательный аудит ПО, в результате чего могут быть выявлены и устранены скрытые недостатки.

Рассмотрим регулируемые отрасли и нормативные документы, которые устанавливают основные требования к использованию в них СЗИ и обеспечению ИБ программных продуктов или систем.

Хотя подтверждение соответствия ПО в России является добровольной процедурой, но для продвижения в регулируемых отраслях становится реальной необходимостью.

Нахождение ПО в реестре делает возможным использовать его в рамках импортозамещения.

Сертификат AM Test Lab (шаблон)ВыводыСейчас под сертификацией программного обеспечения понимают разнообразные процедуры оценки соответствия продукта устано…

В первую волну (в марте 2025 года) злоумышленники вводили в заблуждение получателей писем тем, что приглашали принять участие в общественно-экономическом форуме «Примаковские чтения» в РАН.

Паоло Лецци, CEO компаний Memento Labs (ранее — Hacking Team) и InTheCyberПричём здесь Hacking Team?

Речь пойдёт об итальянской компании Hacking Team, которая в результате продажи и ребрендинга превратилась в 2019 году в компанию Memento Labs.

Участие Hacking TeamИстория взлома серверов на Hacking Team прояснила также некоторые другие важные детали, касающиеся её разработки коммерческого spyware-софта.

Лецци также отметил, что не может «уверенно назвать, кто именно из клиентов компании оказался виновным …

В таких условиях формальный подход к ИБ превращается в источник новых рисков.

Понимание ограничений технологий и отказ от иллюзий — первый шаг к построению устойчивой и живой системы защиты, способной адаптироваться к реальным, а не «учебным» угрозам.

В-третьих, многофакторную аутентификацию (MFA), которая является одной из самых эффективных мер для защиты от атак с использованием украденных учётных данных.

Когда атаки не укладываются в сценарииЕсли автоматизация и стандартные сценарии защиты не обнаруживают всех атак, реальность оказывается ещё сложнее.

Иллюзия полной защищённостиРеальные компрометации редко укладываются в учебные сценарии, а ошибки в проектировании создают ложное ощущение…

По направлению миграцииИз локальной инфраструктуры в облако — перенос сервисов и данных из собственной вычислительной среды заказчика в публичное или частное облако.

Rehost (Lift and Shift) — перенос приложений и данных в облачную инфраструктуру практически без изменений архитектуры и логики работы.

Сложности в процессе миграции и типичные ошибкиМиграция в облако редко проходит гладко: могут возникнуть технические несовместимости или скрытые архитектурные зависимости.

Чек-лист по миграции в облакоВыше мы рассмотрели теорию, проанализировали ключевые аспекты миграции и изучили реальные кейсы российских компаний.

Именно такой подход позволял переносить в облако не только вспомогательные, но и…

Атаки на роботов.

В целом атака на роботов может приводить к различным последствиям:Физический ущерб людям и имуществу вследствие потери контроля (в том числе самоконтроля).

Через взломанного робота можно распространять атаку и на неподключённые экземпляры из группы.

Средства защиты должны стать неотъемлемой частью архитектуры роботов и включать изоляцию компонентов, строгую аутентификацию команд, минимальные привилегии и тотальный контроль всех взаимодействий.

Они направлены не только на соблюдение требований безопасности, но и на обеспечение стабильной, предсказуемой работы систем.

Представители компании позднее сообщили изданию BleepingComputer о том, что злоумышленники взломали один из региональных серверов и подменили там файл обновления антивируса, который был доставлен клиентам.

Большая часть из зафиксированных телеметрией «Лаборатории Касперского» жертв атаки находилась в странах Южной Азии: конкретно в Индии, Бангладеш, Шри-Ланке и на Филиппинах.

В файл hosts прописывались серверы обновления антивируса с невалидными IP-адресами, что делало невозможным относительно простое решение проблемы для пострадавших пользователей путем рассылки «правильного» апдейта.

Интересно, что в ходе анализа инцидента экспертами «Лаборатории Касперского» eScan заблокировал часть вред…

Open Source Analysis: зачем нужен и как его проводитьВ мире современной разработки приложений программное обеспечение с открытым исходным кодом (open source) стало неотъемлемой частью практически любого приложения.

В этой статье я постараюсь разобрать, что такое анализ открытого исходного кода (Open Source Analysis, или OSA), зачем его необходимо проводить, как он выполняется и как выглядит на практике.

Для решения этих проблем используется Open Source Analysis.

Что такое Open Source Analysis?

Open Source Analysis (OSA) — это процесс выявления и анализа open source компонентов, используемых в приложении.

Использование Rutoken на сборочном конвейере — это использование персональной системы ЭЦП на сервере без присутствия человека.

Чтобы приспособить Rutoken к использованию на сборочном конвейере, нужно автоматизировать процесс ввода PIN-кода, либо этот PIN-код вообще отключить.

После включения функции кэширования PIN-код будет храниться на сервере в зашифрованном виде в файле C:\Users\\AppData\LocalLow\Aktiv Co\Rutoken\pcache.txtТаким образом система персональной ЭЦП может стать серверной системой.

Написали собственный простенький вариант системной службы Windows на WinApi c вариациями запуска signtool.exe c помощью CreateProcess / CreateProcessAsUser / WTSQueryUserToken+ / etc .

Результаты: …

Как следует из официального сообщения разработчика программы, сервер обновлений Notepad++ был скомпрометирован на уровне инфраструктуры хостинг-провайдера.

Это позволило злоумышленникам перехватывать и перенаправлять трафик обновлений на контролируемый ими сервер, без необходимости взлома репозитория Notepad++.

Для них Notepad++ стал идеальной «отмычкой» - через этот популярный инструмент разработчиков они могли проникнуть в закрытые сети крупных компаний и госучреждений.

Если вы или ваши сотрудники обновляли Notepad++ в период с июня по декабрь 2025 года, риск заражения вполне реален.

Сейчас самое время проверить рабочие станции и убедиться, что подозрительных обновлений не было.

Похоже, позже RPG портировали в MS-DOS, поэтому те же программные инструменты, написанные на RPG, могут работать на персональных компьютерах.

Эта бухгалтерская фирма работала на компьютере с Windows 98 (да, в 2026 году) и запускала написанное на RPG ПО в консольном окне DOS.

Оказалось, что для работы ПО требовалось подключить к параллельному порту компьютера специальный аппаратный донгл защиты от копирования!

Я начал изолированные эксперименты с компилятором RPG и очень быстро осознал, что аппаратный донгл требуется самому компилятору RPG, который автоматически инъецирует ту же логику защиты от копирования во все генерируемые им исполняемые файлы.

Возможно, я не полностью разобрался в логик…

Что такое СМЭВ и зачем он бизнесуСМЭВ (Система межведомственного электронного взаимодействия) — это инфраструктура, через которую государственные и муниципальные органы обмениваются данными.

Но со временем к системе стали подключаться и коммерческие организации — при наличии законных оснований и соблюдении установленной процедуры.

И для них путь лежит через подкомиссию по использованию информационно-коммуникационных технологий Правительственной комиссии по цифровому развитию.

Формально необходимый комплект документов у клиента имелся, но он не учитывал особенности подключения к СМЭВ и фактическую архитектуру системы.

ВыводыПодключение к СМЭВ — это не просто техническая интеграция.

Решение таких задач невозможно без обеспечения сотрудников качественным и функциональным ПО, таким как офисный пакет «Офис+ Стандартный».

«Офис+ Стандартный» позволяет решить все выше перечисленные задачи с помощью «Корпоративного сервера обновления и активации Офис+».

«Корпоративный сервер обновления и активации Офис+» при проведении операций активаций и обновления версий общается с серверами Офис+ по протоколу с шифрованием (SSL).

Данный функционал, например, позволяет через доступ к БД(ADODB) получить данные для анализа в «Офис+ Таблицы» или для формирования документов в «Офис+ Документ».

Приложение «Офис+ Почта», входящее в состав «Офис+ Стандартный», предоставляет единую рабочую среду,…

Для безопасности лучше заблаговременно скачать всю информацию и сохранить локально.

Может возникнуть ситуация, когда близкий человек ушёл из жизни, а мы хотим сохранить для родственников историю его переписок.

Скачанные файлы можно сохранять на диск, в облачное хранилище (S3) или обратно в Telegram (в другой канал).

FranzЕсть неофициальные клиенты и для других мессенджеров.

В принципе, свой клиент для Telegram может написать любой разработчик, это не очень сложная задача, некоторые даже документируют процесс.

┃# ┃ Legitimate integrators must use the official Checkout Kit: ┃# ┃ https://www.shopify.com/checkout-kit ┃# ┃ ┃# ┃ Terms of Service: https://www.shopify.com/legal/terms ┃# ┃ Contact: [email protected] ┃# ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛User-agent:Disallow: /a/downloads/-/Disallow: /adminDisallow: /cartDisallow: /ordersDisallow: /checkouts/Disallow: /checkoutDisallow: /58177388736/checkoutsDisallow: /58177388736/ordersDisallow: /cartsDisallow: /accountDisallow: /collections/*sort_by*Disallow: /*/collections/*sort_by*Disallow: /collections/*+*Disallow: /collections/*%2B*Disallow: /collections/*%2b*Disallow: /*/collections/*+*Disallow: /*/collections/*%2B*Disallow: /*/collections/*%2b…

При этом последнему пункту уделяют мало внимания, забывая, что, не пройдя первичный фильтр программного комитета, до выступления дело может и не дойти.

Что за PHDays такой Возможно, дорогой читатель не в курсе, что за PHDays такой.

Значимость может оцениваться не только «в человеках», но и в деньгах.

А если четко сформулировать ценность для внешней аудитории автор не в состоянии… может, такую заявку, вообще, не надо подавать?

Если на все вопросы вы отвечаете «да» — шансы у заявки хорошие.

Считают, что ближайшие 5-10 лет определят, продолжит блокчейн работать или станет слишком зависим от скорости прогресса в квантовых вычислениях.

Исследователи сопоставляют такой блокчейн с машиной времени — потому что для него нужна запутанность во времени, а не пространстве.

Источник: https://aws.amazon.com/Например, технологию описывает патент на блокчейн-сеть на основе квантовых ключей и метод безопасной передачи данных (US20240430080A1).

US20250007693A1 на «Метод и устройство для снижения накладных расходов на производительность, связанных с использованием KYB-технологии для безопасного обмена ключами».

Преимущество PQC в том, что алгоритмы работают на классических компьютерах и могут б…

Меня зовут Дима, некоторые меня тут уже знают, и сегодня я расскажу о том, как я создал GoMCP — production-grade альтернативу официальному MCP SDK от Anthropic.

Спойлер: получилось в 10 раз быстрее, с multi-tenancy и enterprise-фичами из коробки.

В конце 2024 года Anthropic представил Model Context Protocol — стандарт для подключения LLM к внешним инструментам.

Идея отличная, но реализация... скажем так, не для production:Проблемы официального SDK# Типичный MCP server на Python @server.tool() async def my_tool(args: dict) -> str: # Где валидация?

Supervisor pattern — централизованное управление workers:sup := supervisor.New(supervisor.Config{ DefaultTimeout: 30 * time.Second, MaxWorkers: 10…

Согласие требуется только для целей, не предусмотренных законом: размещение фото на корпоративном сайте, передача данных в негосударственный пенсионный фонд, использование личного телефона для корпоративных рассылок.

Состав данных: ФИО контактного лица, должность, рабочий телефон и email, данные для доверенности при необходимости.

Это слишком абстрактно и не соответствует требованию конкретности.

Максимальный состав данных для всех.

— Описаны права субъектов и порядок обращения?

Существующие документыУказ Президента №490Вышедшие не в 2025, но в 2024, правки к Указу Президента №490 - основа российской нормативной базы.

Даны термины касательно ИИ в целом, и в частности - есть несколько важных для ИБ пунктов.

Но это и не должно тут быть, это уже вотчина стандартов, внутренних корпоративных методик или публичных гайдов например от OWASP.

Уязвимости принимают много форм, которые раньше не описывали, не учитывали и не проверяли.

Оценка критичности тоже должна считаться по параметрам контура, а не по «опасности текста».

Разработчики сообщили, что в 2025 году китайские «правительственные» хакеры скомпрометировали официальный механизм обновления Notepad++.

Напомним, в конце 2025 года пользователи обнаружили, что система обновлений Notepad++ загружает вредоносные файлы вместо легитимных апдейтов.

Это позволило им продолжать перенаправлять часть трафика, идущего на notepad-plus-plus.org/update/getDownloadUrl.php, на свои серверы, где жертвам предоставляли URL-адреса обновлений с вредоносными файлами.

Провайдер устранил уязвимости, которые могли использоваться для атак на Notepad++, сменил все учетные данные, которые могли получить хакеры, а также изучил логи всех серверов на предмет похожих вредоносных паттерн…

Исследователи обнаружили новую схему атак, которая сочетает метод ClickFix с поддельной CAPTCHA и использует подписанные скрипты Microsoft Application Virtualization (App-V) для распространения малвари Amatera.

В классической версии таких атак жертв заманивают на вредоносные сайты и там обманом заставляют скопировать в буфер и выполнить некие команды PowerShell.

Хотя чаще всего ClickFix-атаки нацелены на пользователей Windows, ИБ-специалисты уже не раз предупреждали и о кампаниях, направленных на пользователей macOS и Linux.

Жертва попадает на фальшивую страницу с CAPTCHA, где ее просят вручную скопировать и запустить команду через Windows Run.

Скрипт запускается через доверенный системный …

Справка: сканирование портовСка­ниро­вание пор­тов — стан­дар­тный пер­вый шаг при любой ата­ке.

На осно­ве этой информа­ции выбира­ется сле­дующий шаг к получе­нию точ­ки вхо­да.

Улуч­шить резуль­таты его работы ты можешь при помощи сле­дующе­го скрип­та:#!/ bin/ bash ports = $( nmap -p- --min-rate = 500 $1 | grep ^[ 0- 9] | cut -d '/ ' -f 1 | tr ' ' ', ' | sed s/, $/ / ) nmap -p $ports -A $1Он дей­ству­ет в два эта­па.

На пер­вом про­изво­дит­ся обыч­ное быс­трое ска­ниро­вание, на вто­ром — более тща­тель­ное ска­ниро­вание, с исполь­зовани­ем име­ющих­ся скрип­тов (опция -A ).

Под­робнее про работу с Nmap читай в статье «Nmap с самого начала.

Динг работал в Google с 2019 года.

Как ранее сообщало Министерство юстиции США, c мая 2022 по апрель 2023 года он скачал более 2000 страниц внутренних документов об ИИ-инфраструктуре компании.

Согласно обвинительному заключению, Динг переносил данные из исходников Google в приложение Apple Notes на корпоративном MacBook, конвертировал заметки в PDF, а затем загружал их в личный аккаунт Google Cloud.

Чтобы скрыть их, он попросил коллегу периодически сканировать его бейдж на входе в офис Google — создавая видимость, что он присутствует на рабочем месте, тогда как на самом деле он находился в Китае.

Схема развалилась в конце 2023 года, когда Google стало известно о публичной презентации Динга …

ИИ-игрушки Bondu (плюшевые динозавры со встроенным чат-ботом) позволяли любому пользователю с аккаунтом Gmail получить доступ к транскриптам разговоров детей с игрушкой, их личным данным и семейной информации.

Дело в том, что соседка Такера купила Bondu своим детям и решила поинтересоваться мнением специалиста по безопасности об игрушке.

Bondu не сохраняла аудиозаписи бесед — только текстовые расшифровки.

Однако это в компании комментировать не стали.

Такер резюмирует, что после обнаруженной утечки он никогда не станет покупать ИИ-игрушки своим детям, потому что «это просто кошмар с точки зрения приватности».

Эксперты компании Bitdefender обнаружили масштабную кампанию по распространению Android-малвари через платформу Hugging Face.

Hugging Face — популярная площадка для хостинга ИИ-моделей, NLP и машинного обучения.

Сервер инициирует редирект в Hugging Face, где хранится вредоносный APK.

В результате финальный пейлоад загружается из инфраструктуры Hugging Face, через ее CDN.

Специалисты Bitdefender уведомили Hugging Face об активности атакующих, и в настоящее время платформа уже удалила вредоносные датасеты.

До это­го Кирилл ни разу не ввя­зывал­ся в подоб­ные ком­мерчес­кие про­екты, если не брать в рас­чет заяв­ки с хакер­ских форумов.

Или, что гораз­до чес­тнее, прос­то впер­вые стол­кнул­ся с подоб­ной ситу­ацией и не имел ни малей­шего пред­став­ления, как пос­тупить пра­виль­но.

А в углу, сдви­нув нес­коль­ко сто­лов, ребята орга­низо­вали сво­еоб­разный мини‑офис, где пря­мо сей­час кипела работа над интернет‑магази­ном.

Го­лос у нее был подоз­ритель­но бод­рый, буд­то она заранее зна­ла, что он ска­жет «нет», и уже при­гото­вила запас­ные вари­анты.

У меня мать с отцом, меж­ду про­чим, квар­тирны­ми ремон­тами занима­ются, они меня пос­ле шко­лы с собой бра­ли иног­да, потому что не с к…

В этом году бумажные выпуски «Хакера» будут выходить раз в квартал, и сбор предварительных заказов на первый номер уже подходит к концу.

Раз в квартал мы будем выпускать полноценный глянцевый журнал на 240 полосах с лучшими материалами.

Это значит, что в 2026 году выйдут четыре бумажных номера — по одному в квартал.

Что в первом номереВ первый выпуск 2026 года войдут лучшие статьи последних месяцев.

На что способен ZX Evolution — самый продвинутый клон ZX Spectrum.

Компания Match Group, владеющая популярными дейтинговыми сервисами Tinder, Match, Meetic, OkCupid и Hinge, пострадала от кибератаки.

Злоумышленники утверждают, что архив содержит порядка 10 млн записей пользователей Hinge, Match и OkCupid, а также сотни внутренних корпоративных документов.

Match Group серьезно относится к защите пользователей и оперативно заблокировала несанкционированный доступ», — сообщили в компании.

В Match Group сообщили, что атака затронула «ограниченный объем данных пользователей», и сейчас пострадавших уже уведомляют о случившемся.

По информации издания Bleeping Computer, в случае Match Group хакеры скомпрометировали SSO-аккаунт в Okta, что дало им доступ к системе …

Аналитики Positive Technologies сообщают, что 12 декабря 2025 года в соцсетях появилась ранее неизвестная группировка Punishing Owl.

Группировка зарегистрировала аккаунты в соцсетях и на хак-форумах в даркнете в декабре прошлого года и теперь активно раскручивает свой «бренд».

Дополнительно в течение нескольких дней после публикации Punishing Owl запустила email-рассылку на адреса контрагентов взломанной организации.

Подчеркивается, что все обнаруженные атаки Punishing Owl нацелены исключительно на российскую критическую инфраструктуру — госучреждения, научные предприятия, ИТ-организации.

Предполагается, что Punishing Owl, скорее всего, останется в спектре российских киберугроз надолго.

Суп­ругов арес­товали в фев­рале 2022 года, а в августе 2023-го они приз­нали свою вину в отмы­вании денег.

Ис­тория Лих­тен­штей­на и Мор­ган ста­ла нас­толь­ко резонан­сной, что в 2024 году Netflix выпус­тил докумен­таль­ный фильм о них под наз­вани­ем Biggest Heist Ever.

Но нас­тоящий обвал слу­чил­ся пос­ле релиза ChatGPT в нояб­ре 2022 года, и с тех пор гра­фик активнос­ти упал прак­тичес­ки до нуля.

По дан­ным Censys, по сос­тоянию на конец декаб­ря 2025 года в сети нас­читыва­лось бо­лее 100 тысяч потен­циаль­но уяз­вимых уста­новок.

Эти инди­като­ры ком­про­мета­ции сов­пада­ют с дан­ными Arctic Wolf: иссле­дова­тели пишут, что наб­люда­ют ана­логич­ную активность как в текущих ата­…

Подчеркивается, что компания изолировала скомпрометированную инфраструктуру, восстановила ее с нуля, сменила все учетные данные и выпустила инструмент для пострадавших клиентов.

По их данным, злоумышленники получили доступ к конфигурации регионального сервера обновлений и подменили легитимный файл на вредоносный.

Отмечается, что пострадавшие пользователи могли заметить ошибки от службы обновлений, обратить внимание на невозможность получения новых сигнатур, всплывающие окна о недоступности обновлений и измененный HOSTS-файл.

Также разработчики eScan отрицают, что пострадавшие пользователи не знали об инциденте — компания утверждает, что проактивно уведомляла клиентов по электронной почте, ч…

Стало известно, что в декабре 2025 года ботнет Aisuru (Kimwolf) провел мощнейшую DDoS-атаку, которая достигла пиковой мощности в 31,4 Тбит/с и 200 млн запросов в секунду.

Напомним, что за Aisuru числится и предыдущий рекорд в области DDoS — 29,7 Тбит/с.

Еще одна атака, которую эксперты Microsoft связывали с этим ботнетом, достигла 15,72 Тбит/с и исходила с 500 000 IP-адресов.

Из-за времени проведения атаки Cloudflare назвала эту кампанию «Ночь перед Рождеством» и охарактеризовала ее как «беспрецедентную бомбардировку» телекоммуникационных провайдеров и ИТ-организаций.

Хотя ботнет Aisuru в основном строится на скомпрометированных IoT-устройствах и роутерах, источниками атак в кампании «Ночь …

IPIDEA рекламировался как «ведущий мировой поставщик резидентных прокси», который предлагал клиентам более 60 млн резидентных прокси и более 6 млн ежедневно обновляемых IP-адресов (а также 69 000 новых IP каждый день).

Исследователи рассказывают, что всего за неделю с IPIDEA удалось связать активность более 550 различных хак-групп, использовавших exit-ноды сети.

Также следует отметить, что в 2024 году аналитики Cisco Talos связывали IPIDEA с масштабными брутфорс-атаками на VPN- и SSH-сервисы.

Теперь Google Play Protect автоматически обнаруживает и блокирует на обновленных и сертифицированных Android-устройствах любые приложения с SDK, связанными с IPIDEA.

При этом устройства пользователей д…

В 2025-2026 годах злоумышленники существенно обновили свой инструментарий: добавили шпионские функции в бэкдор CoolClient, а также начали применять браузерные стилеры и скрипты для кражи учетных данных, документов и системной информации.

В число целей группы вошли госсектор и частные компании в России, Мьянме, Монголии, Таиланде и других странах Азии.

В период с 2021 по 2025 год злоумышленники применяли для этого продукты Bitdefender, VLC Media Player и несколько решений компании Sangfor.

Также отмечается, что в операциях против госсектора в Мьянме и Таиланде группа использовала новые образцы малвари для кражи данных.

В нескольких атаках обнаружены скрипты для сбора информации о системе, из…

A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.

ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills.

The development coincides with a report from OpenSourceMalware, which also flagged the same ClawHavoc campaign targeting OpenClaw users.

OpenClaw Adds a Reporting OptionThe problem stems from the fact that ClawHub is open by default and allows anyone to upload skills.

The issue with malicious skills hasn't gone unnoticed by OpenClaw's creator Peter Steinberger, who has since rolled out a reporting …

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link.

It has been described as a token exfiltration vulnerability that leads to full gateway compromise.

"Clicking a crafted link or visiting a malicious site can send the token to an attacker-controlled server.

Mav Levin, founding security researcher at depthfirst who is credited with discovering the shortcoming, said it can be exploited to create a one-click RCE exploit chain that takes only milliseconds after a victim visits a single malicious web page.

The attacker gains operator-level access to the gateway A…

Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options.

"However, as security threats have evolved, so have our standards to meet modern security expectations.

This also requires organizations relying on NTLM to conduct audits, map dependencies, migrate to Kerberos, test NTLM-off configurations in non-production environments, and enable Kerberos upgrades.

"Disabling NTLM by default does not mean completely removing NTLM from Windows yet," Gewida said.

"Instead, it means that Windows will be delivered in a secure-by-default state where network NTLM authenticatio…

The threat actors behind the campaign are suspected to be operating out of Latin America.

The threat actors behind the campaign are suspected to be operating out of Latin America.

"This pattern is commonly observed in malware originating from or affiliated with Russian-speaking threat actors, implemented to avoid domestic prosecution," Secure Annex said.

"This pattern is commonly observed in malware originating from or affiliated with Russian-speaking threat actors, implemented to avoid domestic prosecution," Secure Annex said.

Threat Actors Use New Unicode Trick to Evade Detection — Threat actors are using the Unicode character for math division (∕) instead of a standard forward slash (/) …

The challenge is that many security tools add complexity and cost that most mid-market businesses can't absorb.

Why Mid-Market Security Often Feels StuckMost mid-market organizations rely on a small set of foundational tools, such as endpoint protection, email security, and network firewalls.

By combining a unified platform with MDR, mid-market organizations can close coverage gaps and focus internal resources on strategic priorities.

Takeaway: Security Across the Threat LifecycleImproving mid-market cybersecurity isn't about adding more tools—it's about using the right tools more effectively.

Integrating prevention, protection, detection, and response across the threat lifecycle enables st…

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead.

"The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org," developer Don Ho said.

"The compromise occurred at the hosting provider level rather than through vulnerabilities in Notepad++ code itself."

"According to the former hosting provider, the shared hosting server was compromised until September 2, 2025," Ho explained.

"Even after losing server access, attackers maintained credentials to internal services until Dece…

The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems.

"Malicious updates were distributed through eScan's legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally," Morphisec researcher Michael Gorelik said.

It has also released a patch that reverts the changes introduced as part of the malicious update.

"The issue resulted from unauthorized access to the regional update server infrastructure.

It's currently not known how the th…

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer's resources to push malicious updates to downstream users.

"On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm malware loader," Socket security researcher Kirill Boychenko said in a Saturday report.

"These extensions had previously been presented as legitimate developer utilities (some first published more than two years ago) and collectively accumulated over 22,000 Open VSX downloads prior to the malicious rele…

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses.

What makes the campaign noteworthy is the threat actor's likely reliance on large language models (LLMs) to build and orchestrate the necessary tooling.

The starting point of the attack is a 7-Zip archive with a Farsi filename that contains macro-laced Microsoft Excel documents.

Attacker gets full access to the victim's WhatsApp account."

"This dual-purpose structure enables MOIS to develop human capital for cyber operations while maintaining a layer of separation from direct g…

Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.

The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim environments by collecting sign-on (SSO) credentials and multi-factor authentication (MFA) codes.

The end goal of the attacks is to target cloud-based software-as-a-service (SaaS) applications to siphon sensitive data and internal communications and extort victims.

The stolen credentials are then used to regis…

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country.

"All attacks had a purely destructive objective," CERT Polska said in a report published Friday.

The attackers' attempts to detonate the wiper malware were unsuccessful, CERT Polska noted.

"The malware used in the incident involving renewable energy farms was executed directly on the HMI machine," CERT Polska pointed out.

"The attacker used credentials obtained from the on‑premises en…

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens.

One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content.

When a user clicks this link to buy the product, the affiliate earns a cut of the sale.

The extensions are assessed to be part of a coordinated campaign due to overlaps in source code, icons, branding, and descriptions -ChatGPT folder, voice download, prompt manager, free tools – ChatGPT Mods (ID: lmiigijnefpkjcenfbinhdpafehaddag)Cha…

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026.

The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam.

"While the threat actor continues to rely on web shells, SoftEther VPN, and EasyTier to control compromised IIS servers, their operational strategy has evolved significantly," Talos explained.

It scans incoming requests to IIS servers to check if the visitor is a search engine crawler.

There are also signs that the threat actor is activel…

Therefore, no publicly available summary exists that we are aware of that systematically aggregates information on law enforcement actions.

Arrests account for the largest share (29%) of law enforcement actions, illustrating law enforcement's continued focus on individual accountability and prosecution.

Cyber Extortion, Malware, Hacking, and Cyber Espionage attract the most diverse range of responses (including arrests, charges, sentences, and sanctions).

A study of the top 20 institutions involved in reported law enforcement actions highlights the clear dominance of U.S. agencies.

The analysis of 418 publicly reported law enforcement actions (2021-mid-2025) shows an increasingly active and…

A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday.

Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for taking over 2,000 documents containing the tech giant's trade secrets related to artificial intelligence (AI) technology for the benefit of the People's Republic of China (PRC).

Ding was indicted in March 2024 for transferring sensitive proprietary information from Google's network to his personal Google Cloud account.

The scheme unravelled…

The trends that emerged in January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the yearThe year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to face in the months ahead.

It's therefore time for ESET Chief Security Evangelist Tony Anscombe to look back on some of the month's most impactful cybersecurity stories.

Here's some of what caught Tony's eye:What are some of the lessons businesses should take away from these incidents?

Be sure to check out the video, as well as watch the December 2025 edition of Tony's security news roundup for more news…

Key points of the report: ESET researchers identified new data-wiping malware that we have named DynoWiper, used against an energy company in Poland.

We attribute DynoWiper to Sandworm with medium confidence, in contrast to the ZOV wiper, which we attribute to Sandworm with high confidence.

However, since the start of Russia’s full-scale invasion of Ukraine, Sandworm has changed its tactics regarding targets in Poland.

In December 2025, we detected the deployment of a destructive malware sample, which we named DynoWiper, at an energy company in Poland.

Interestingly, during the analysis of the ZOV wiper incident, we identified a newer PowerShell script used to deploy the ZOV wiper.

The campaign uses a malicious app posing as a chat platform that allows users to initiate conversations with specific “girls” – fake profiles probably operated via WhatsApp.

While we don’t know how the malicious app is distributed, we assume that this exclusivity tactic is used as part of the lure, with the purported access codes distributed along with the app.

GhostChat, the malicious app used in the campaign, poses as a dating chat platform with seemingly locked female profiles.

Once the app is installed, its operators can monitor, and exfiltrate sensitive data from, the victim’s device.

This action triggered ClickFix instructions, as seen in Figure 11, which led to the download and execu…

10 reasons your inbox is full of spam and/or scamsEmail spam can range from pesky, unsolicited missives sent in bulk to the downright dangerous and malicious (phishing messages and malware delivered via spam and also known as ‘malspam’).

They then post or sell that data on cybercrime forums/marketplaces, where others buy it for use in phishing emails.

If they manage to achieve a breakthrough that bypasses spam filters, expect unwanted messages to start flooding in.

What not to doIt’s also best practice never to:Avoid clicking on ‘unsubscribe’ or replying to a spam email, as this will verify your address to the sender.

Reset your email security settings or lower spam ‘sensitivity’ levels.

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiperIn late 2025, Poland’s energy system faced what has been described as the “largest cyberattack” targeting the country in years.

ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

Meanwhile, the attack on Poland’s power grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper.

In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they spotted Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.

ESET Research offer…

AI chatbots have become a big part of all of our lives since they burst onto the scene more than three years ago.

A similar share of parents is worried their kids think AI chatbots are real people.

Our children use generative AI (GenAI) in diverse ways.

Children are going through an incredible period of emotional and cognitive development, making them vulnerable in various ways.

The onus, therefore, is definitely on parents to get ahead of any threats through proactive monitoring and education.

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step aheadApple Pay is clearly a hit with consumers.

Here are some common scams targeting Apple Pay users.

Top six scams targeting Apple Pay usersApple Pay scammers are usually after your financial information, your money or your Apple ID and logins/2FA codes.

Or it could be a fake story about how your Apple Pay account has been suspended, your card was added to Apple Pay or similar pretexts.

First, take a moment to recognize the most common red flags and Apple Pay scams, as listed above.

A full 25 percent of the top 1,000 most-used passwords are made up of nothing but numerals.

This is according to NordPass’ analysis, which is based on billions of leaked passwords and sheds light on password trends among people in 44 countries.

Same old, same oldUsing an easily-guessable password is tantamount to locking the front door of your house with a paper latch.

Weak, obvious, or reused passwords can expose not only individual employees, but entire organizations, their customers, and their partners.

But if your own passwords appear on either list above, improving your account security should be one of the most important of them.

It may be the most recent high-profile case of threat actors abusing LinkedIn to further their own nefarious goals.

It’s easy to get up and running: For threat actors, the potential ROI for attacks using LinkedIn is massive.

Account hijacking : Fake LinkedIn (phishing) pages, infostealers, credential stuffing and other techniques can be used to help threat actors takeover users’ accounts.

: Fake LinkedIn (phishing) pages, infostealers, credential stuffing and other techniques can be used to help threat actors takeover users’ accounts.

However, it would make sense to build LinkedIn threat scenarios of the sort described above into security awareness courses.

New legislation in Australia makes it illegal for those under 16 to have a social media account.

To avoid financial penalties, social media companies have scrambled to remove accounts they believe breach the legislation.

As 2026 has just begun, this also sparks a broader question for internet users and regulators alike: will this be the year the world rethinks identity online?

Unless an app or service is operated by a regulated company that requires identity verification, people are free to create accounts on many services using any identity they desire.

I am not suggesting that all services need to have verified users.

Contrary to popular belief, much of the dark web isn’t the den of digital iniquity that some commentators claim.

involve the large-scale theft of customer/employee information, which then usually appears for sale on the dark web.

If you unwittingly click through and enter your information on a phishing site, it could end up being sold on the dark web.

If you unwittingly click through and enter your information on a phishing site, it could end up being sold on the dark web.

Finally, sign up to identity protection services and sites like HaveIBeenPwned, which will alert you when any PII appears on the dark web.

Indeed, credential stuffing is the digital equivalent of someone discovering a skeleton key that opens your house, office, and safe – all in one sweep.

While credential stuffing is by no means new, several trends have exacerbated the problem.

Here’s the scale at which credential stuffing attacks can be conducted:In 2022, PayPal reported that nearly 35,000 customer accounts were compromised via credential stuffing.

How to protect your organizationThese days, credential stuffing is also a primary vector for account takeover, fraud, and large-scale data theft across industries, including retail, finance, SaaS, and health care.

Importantly, many organizations are embracing passwordless authenti…

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this yearAs we close out 2025, it's time for ESET Chief Security Evangelist Tony Anscombe to review some of the main cybersecurity stories from both the final month of the year and 2025 as a whole.

While staggering, this figure is still just the tip of the iceberg.

The Texas Attorney General is suing five major TV manufacturers, alleging that they illegally collected their users' data by secretly capturing what the viewers watch.

Indeed, Tony goes on to take a look back at some of the most notable cyber-incidents for the entire year, highlighting some of the most pe…

Brushing scams are a type of e-commerce fraud where a seller sends a package to an apparently random person’s address.

It shouldn’t take too much effort to work out if you’ve been singled out by brushing scammers.

It’s yours to keep, if you want toHow do I stay safe from brushing scams?

There are steps you can also take to stop brushing scams from even targeting you.

Brushing scams are just one of many ways fraudsters weaponize your personal information against you.

We provide our method to reproduce the crash using a simple 12-bit or 16-bit JPG image, and an examination of the initial released patch.

CVE-2025-50165 is a flaw in the encoding and compressing process of a JPG image, not in its decoding.

Zscaler’s findings, as well as the description provided by Microsoft, reveal that the flaw stems from the dereference of an uninitialized function pointer in WindowsCodecs.dll, which is part of the Windows Imaging Component.

We analyzed the vulnerable version 10.0.26100.4768 (SHA-1: 5887D96565749067564BABCD3DC5D107AB6666BD), and then performed a binary comparison with the first patched version 10.0.26100.4946 (SHA-1: 4EC1DC0431432BC318E78C520387911EC44F84…

Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it.

“It’s worth noting that these hybrid phishing operations are also capable of bypassing push notifications that use number challenge/number matching as an additional method of verification,” Okta researchers noted.

“In incidents spanning early to mid-January 2026, UNC6661 pretended to be IT staff and called employees at targeted victim organizations claiming that the company was updating MFA settings.

Once they gained access to Okta customer accounts, the group leverag…

Malwarebytes announced Malwarebytes in ChatGPT, a new way for individuals and small businesses to get fast, trusted security assistance directly within ChatGPT.

This initiative represents a step toward building user confidence in AI by pairing Malwarebytes’ expert threat intelligence with ChatGPT’s functionality.

Malwarebytes is committed to tackling this complex problem through innovative new technology like this integration with ChatGPT, with its AI-powered scam detector, Scam Guard, through investigative research, industry collaboration, and human help and support.

“By bringing Malwarebytes’ threat expertise directly into ChatGPT, we’re meeting people where they already are and giving th…

Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project’s shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software’s maintainer Don Ho confirmed on Monday.

The attack timelineIn early December 2025, security researcher Kevin Beaumont said that he knew of three organizations that have had security incidents traced back to Notepad++ processes providing the attackers initial access to the computers.

The attackers were able to pull off this supply chain attack by leveraging security weaknesses in Notepad++’s updater (WinGUP).

Also, given that other attackers are often p…

With preparations well underway, Span Cyber Security Arena 2026 is set to return for its third edition, bringing together domestic and international experts in cyber security.

The conference will take place from 20 to 22 May 2026 in Poreč (Croatia) at Pical Resort 5*, Valamar Collection, offering three days of top tier content and two additional days of specialized masterclasses.

This year’s keynote lineup features Joe Tidy, BBC cyber security reporter, and Sami Laiho, one of the world’s foremost Windows security experts.

Participants have until 13 February to secure their tickets at the Early Bird rate, and after that at the regular price.

Help Net Security will be on-site covering the con…

Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options.

NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy systems and older applications are present.

“Disabling NTLM by default does not mean completely removing NTLM from Windows yet.

Instead, it means that Windows will be delivered in a secure-by-default state where network NTLM authentication is blocked and no longer used automatically.

At that point, network NTLM authentication will be disabled by default.

We are now seeing open-source tools that can genuinely mimic how a human tester works, not just fire off scans.

I dug into three of them, BugTrace-AI, Shannon, and CAI, the Cybersecurity AI framework, and put them up against real-world targets in a lab environment.

CAI: The “DIY” agent frameworkThe Cybersecurity AI Framework (CAI) is my favourite and the one I spent the most time with.

You can run it for free on your own hardware, but if you’re using top-tier cloud models for a complex multi-step chain, you could easily blow through $10 or more on a single assessment.

BugTrace does the legwork, Shannon proves the high-risk stuff is real, and CAI fills in the gaps for everything else.

The NSA has published Phase One and Phase Two of its Zero Trust Implementation Guidelines, providing structured guidance for organizations working to implement zero trust cybersecurity practices.

The documents are part of a larger series designed to support adoption of zero trust frameworks aligned with the Department of Defense target-level maturity model.

Phase Two defines 41 activities that begin integrating core zero trust solutions into organizational environments, enabling 34 distinct capabilities associated with this later phase.

The Zero Trust Implementation Guidelines align with existing federal frameworks, including the Department of Defense CIO’s Zero Trust Framework, and aim to …

An open-source project called Pompelmi aims to insert malware scanning and policy checks directly into Node.js applications before files reach storage or business logic.

Inline scanning in application codeAt its core, Pompelmi acts as a file scanner that developers can embed into upload handlers.

Developers can enforce allowed file extensions, maximum file sizes, and server-side MIME type validation.

Pompelmi inspects archive contents prior to extraction and applies limits on recursion depth, total file counts, and archive size expansion.

Pluggable scanning logicPompelmi supports multiple scanning strategies that can be combined within a single workflow.

In this Help Net Security video, Rishi Kaushal, CIO at Entrust, explains how security leaders should talk to the board about cyber risk.

Kaushal breaks down the digital trust layer and explains why failures in keys, certificates, or access controls often lead to visible business damage.

He challenges common assumptions about encryption, backups, and post-quantum readiness, and explains why these areas need ongoing management.

The video also outlines practical metrics boards can ask for, including inventory coverage, automation levels, response times, and authentication coverage.

Kaushal closes by reframing cyber security as operational readiness and risk management, giving boards a way to g…

Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of Non-Human Identity and AI Security report by the Cloud Security Alliance.

AI identities inherit old IAM weaknessesTreating AI identities as another category of non-human identity means they inherit the same weaknesses that have affected identity programs for years.

AI identities are created programmatically, distributed across environments, and used continuously, increasing the number of credentials that require tracking and review.

AI identities are still created and removed through processes that include manual steps, …

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild in zero-day attacks.

This allows security teams to apply passkey policies to specific user groups instead of managing settings at a tenant-wide level.

Microsoft brings AI-powered investigations to security teamsMicrosoft Purview Data Security Investigations is now available.

n8n adds Chat Hub to centralize AI access inside automation workflowsTeams using automation platforms are starting to treat conve…

Microsoft has updated the timeline for transitioning the Microsoft Sentinel experience from the Azure portal to the Microsoft Defender portal from July 1, 2026 to March 31, 2027.

Microsoft said the updated timeline reflects feedback from customers and partners requesting additional time to transition.

“To reduce friction and support customers of all sizes, we are extending the sunset date for managing Microsoft Sentinel in the Azure portal to March 31, 2027.

This additional time ensures customers can transition confidently while taking advantage of new capabilities that are becoming available in the Defender portal,” Alex Klausner, Product Marketing at Microsoft, explained.

The company reco…

A federal jury in California convicted former Google software engineer Linwei Ding, also known as Leon Ding, on seven counts of economic espionage and seven counts of theft of trade secrets tied to AI technology.

Ding faces a maximum sentence of 10 years in prison for each count of theft of trade secrets and up to 15 years for each count of economic espionage.

Trade secrets tied to Google’s AI supercomputing infrastructureJurors found that the stolen information related to hardware and software used in Google’s AI supercomputing data centers.

Additional information covered software used to coordinate thousands of chips into systems capable of training and running large AI models.

The trade …

Arkose Labs announced Arkose Titan, a unified platform that protects enterprises from human and AI-powered fraud, scraping and bot attacks.

Unlike fragmented point solutions, Arkose Titan provides defense-in-depth through intelligent detection and adaptive mitigation against both traditional and emerging AI threats, including agentic AI.

By defending a company’s entire digital experience and customer journey, Arkose Titan makes attacks economically unsustainable for perpetrators.

It includes Arkose Bot Manager, Arkose Device ID, Arkose Email Intelligence, Arkose Scraping Protection and Arkose Edge.

It is crucial for companies to recognize legitimate users,” said Jason Clinton, an executive …

The effort examines public security commitments and the current availability of encryption protections in widely used services.

It maps where encryption features are planned, where they are available through user settings, and where additional protections are proposed.

Protect our data highlights new encryption features that companies should launch based on features already available in similar products.

Encrypt It Already calls on companies to complete announced encryption plans, enable protections by default, and extend encrypted storage to more categories of user data.

Users are encouraged to activate available encryption features and to ask service providers about deployment timelines a…

A new species of squid.

pretends to be a plant:Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods.

They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain in the Pacific Ocean targeted for deep-sea mining.

The team described the encounter in a study published Nov. 25 in the journal Ecology, writing that the animal appears to be an undescribed species of whiplash squid.

It was very novel and very puzzling.”

From an Anthropic blog post:In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations.

This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generations.

Sonnet 4.5 ac…

The US Supreme Court is considering the constitutionality of geofence warrants.

Police probing the crime found security camera footage showing a man on a cell phone near the credit union that was robbed and asked Google to produce anonymized location data near the robbery site so they could determine who committed the crime.

They did so, providing police with subscriber data for three people, one of whom was Chatrie.

Police then searched Chatrie’s home and allegedly surfaced a gun, almost $100,000 in cash and incriminating notes.

Chatrie’s appeal challenges the constitutionality of geofence warrants, arguing that they violate individuals’ Fourth Amendment rights protecting against unreasona…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Really interesting blog post from Anthropic:In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations.

This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generation…

Prompt injection is a method of tricking LLMs into doing things they are normally prevented from doing.

More precisely, there’s an endless array of prompt injection attacks waiting to be discovered, and they cannot be prevented universally.

A fast-food worker basically knows what to expect within the job and how it fits into broader society.

Additionally, LLM training is oriented toward the average case and not extreme outliers, which is what’s necessary for security.

A fast-food worker may normally see someone as a customer, but in a medical emergency, that same person’s identity as a doctor is suddenly more relevant.

Internet Voting is Too Insecure for Use in ElectionsNo matter how many times we say it, the idea comes back again and again.

Hopefully, this letter will hold back the tide for at least a while longer.

Executive summary: Scientists have understood for many years that internet voting is insecure and that there is no known or foreseeable technology that can make it secure.

Still, vendors of internet voting keep claiming that, somehow, their new system is different, or the insecurity doesn’t matter.

Bradley Tusk and his Mobile Voting Foundation keep touting internet voting to journalists and election administrators; this whole effort is misleading and dangerous.

The rampant speculation among OpenAI users who believe they see paid placements in ChatGPT responses suggests they are not convinced.

In 2024, AI search company Perplexity started experimenting with ads in its offerings.

Highly persuasivePaid advertising in AI search, and AI models generally, could look very different from traditional web search.

A December 2023 meta-analysis of 121 randomized trials reported that AI models are as good as humans at shifting people’s perceptions, attitudes and behaviors.

That will require making real commitments to consumers on transparency, privacy, reliability and security that are followed through consistently and verifiably.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible.

The still-unresolved questions raised by his case have resurfaced in today’s debates over artificial intelligence, copyright and the ultimate control of knowledge.

At the time of Swartz’s prosecution, vast amounts of research were funded by taxpayers, conducted at public institutions and intended to advance public understanding.

AI companies then sell their proprietary systems, built on public and private knowledge, back to the people who funded it.

Systems trained on vast bodies of publicly funded research are increasingly becoming the primary way people learn about science, law, medicine and…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Upcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak:The list is maintained on this page.

Posted on January 14, 2026 at 12:00 PM • 0 Comments

The FBI said Badbox 2.0 was discovered after the original Badbox campaign was disrupted in 2024.

KrebsOnSecurity was initially skeptical of the claim that the Kimwolf botmasters had hacked the Badbox 2.0 botnet.

]net, a domain that was flagged in a March 2025 report by HUMAN Security as one of several dozen sites tied to the distribution and management of the Badbox 2.0 botnet.

However, the source of that Badbox 2.0 screenshot said the Kimwolf botmasters had an ace up their sleeve the whole time: Secret access to the Badbox 2.0 botnet control panel.

The source said it isn’t clear how Dort gained access to the Badbox botnet panel.

Kimwolf grew rapidly in the waning months of 2025 by tricking various “residential proxy” services into relaying malicious commands to devices on the local networks of those proxy endpoints.

Kimwolf mainly targeted proxies from IPIDEA, a Chinese service that has millions of proxy endpoints for rent on any given week.

The Kimwolf operators discovered they could forward malicious commands to the internal networks of IPIDEA proxy endpoints, and then programmatically scan for and infect other vulnerable devices on each endpoint’s local network.

Kimwolf’s close association with residential proxy networks and compromised Android TV boxes might suggest we’d find relatively few infections on corpor…

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software.

“Today’s Windows patches remove agrsm64.sys and agrsm.sys.

This security feature is designed to protect against threats like rootkits and bootkits, and it relies on a set of certificates that are set to expire in June 2026 and October 2026.

Once these 2011 certificates expire, Windows devices that do not have the new 2023 certificates can no longer receive Secure Boot security fixes.

Windows admins should keep an eye on askwoody.com for any news about patches that don’t quite play nice with everything.

XLab said it suspected since October that Kimwolf and Aisuru had the same author(s) and operators, based in part on shared code changes over time.

In late October 2025, Brundage shared that the people selling various proxy services which benefitted from the Aisuru and Kimwolf botnets were doing so at a new Discord server called resi[.]to.

]to Discord channel would periodically post new IP addresses that were responsible for proxying traffic over the Kimwolf botnet.

All told, Synthient said it tracked at least seven static Resi Rack IP addresses connected to Kimwolf proxy infrastructure between October and December 2025.

]to Discord server vanished, Synthient’s website was hit with a DDoS at…

The most typical of these uninvited guests are small programs that turn the device into a residential proxy node that is resold to others.

Brundage says Kimwolf grew rapidly by abusing a glaring vulnerability in many of the world’s largest residential proxy services.

Kilmer said one model of unsanctioned Android TV boxes that is especially popular — the Superbox, which we profiled in November’s Is Your Android TV Streaming Box Part of a Botnet?

At that point, your home’s public IP address will show up for rent at the website of some residential proxy provider.

Brundage also has compiled a list of the unofficial Android TV boxes that are most highly represented in the Kimwolf botnet.

Your engagement this past year here has been tremendous and truly a salve on a handful of dark days.

The arrests came shortly after the FBI and the Dutch police seized dozens of servers and domains for the group.

In June, KrebsOnSecurity.com was hit by the largest DDoS attack that Google had ever mitigated at the time (we are a grateful guest of Google’s excellent Project Shield offering).

Another Aisuru attack on Cloudflare just days later practically doubled the size of the June attack against this website.

If you like the content we publish at KrebsOnSecurity.com, please consider making an exception for our domain in your ad blocker.

Democratic lawmakers have urged the SEC to investigate what they call “concerning ties to President Trump and his family” as potential conflicts of interest and foreign influence.

In October, President Trump pardoned Changpeng Zhao, the founder of the world’s largest cryptocurrency exchange Binance.

President Trump this term has fired most of the people involved in processing Freedom of Information Act (FOIA) requests for government agencies.

CONSUMER PROTECTION, PRIVACYAt the beginning of this year, President Trump ordered staffers at the Consumer Financial Protection Bureau (CFPB) to stop most work.

Nevertheless, it emerged in June that the Trump administration has built a central databas…

A decade ago, ending up at one of these parked domains came with a relatively small chance of being redirected to a malicious destination: In 2014, researchers found (PDF) that parked domains redirected users to malicious sites less than five percent of the time — regardless of whether the visitor clicked on any links at the parked page.

Infoblox found parked websites are benign if the visitor arrives at the site using a virtual private network (VPN), or else via a non-residential Internet address.

A defanged list of these typosquatting domains is available here (the dots in the listed domains have been replaced with commas).

“It was often a chain of redirects — one or two domains outside p…

Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software.

This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities.

Despite releasing a lower-than-normal number of security updates these past few months, Microsoft patched a whopping 1,129 vulnerabilities in 2025, an 11.9% increase from 2024.

The zero-day flaw patched today is CVE-2025-62221, a privilege escalation vulnerability affecting Windows 10 and later editions.

For anyone seeking a more granular breakdown of the security updates Microsoft pushed today, check out the roundup at the SANS In…

A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for Russia’s war against Ukraine.

UK companies belonging to the group that have been shut down by Google Ads since Jan 2025 include:–Proglobal Solutions LTD (advertised nerdifyit[.

Currently active Google Ads accounts for the Nerdify brands include:-OK Marketing LTD (advertising geekly-hub[.

For a number of years, Lobov and Perkon co-produced a cross-cultural event in the U.K. called Russian Film Week.

While Synergy University promotes itself as Russia’s largest private educational institutio…

The phishing domains are being promoted by scam messages sent via Apple’s iMessage service or the functionally equivalent RCS messaging service built into Google phones.

The website scanning service urlscan.io shows thousands of these phishing domains have been deployed in just the past few days alone.

Pivoting off these T-Mobile phishing domains in urlscan.io reveals a similar scam targeting AT&T customers:Ford Merrill works in security research at SecAlliance, a CSIS Security Group company.

CAVEAT EMPTORMany SMS phishing or “smishing” domains are quickly flagged by browser makers as malicious.

“The fake e-commerce sites are tough because a lot of them can fly under the radar,” Merrill sai…

A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations.

Scattered LAPSUS$ Hunters (SLSH) is thought to be an amalgamation of three hacking groups — Scattered Spider, LAPSUS$ and ShinyHunters.

But last week, SLSH announced on its Telegram channel the release of their own ransomware-as-a-service operation called ShinySp1d3r.

The individual responsible for releasing the ShinySp1d3r ransomware offering is a core SLSH member who goes by the handle “Rey” and who is currently one of just three administrators of the SLSH Telegram channel.

Incredibly, Rey w…

UNBOXINGCensys’s Ashley said the phone home to China’s Tencent QQ instant messaging service was the first red flag with the Superbox devices she examined.

In July 2025, Google filed a “John Doe” lawsuit (PDF) against 25 unidentified defendants dubbed the “BadBox 2.0 Enterprise,” which Google described as a botnet of over ten million Android streaming devices that engaged in advertising fraud.

Several of the Android streaming devices flagged in Google’s lawsuit are still for sale on top U.S. retail sites.

Kilmer said Badbox 2.0 was used as a distribution platform for IPidea, a China-based entity that is now the world’s largest residential proxy network.

-Generic TV streaming devices advertis…

Sixteen months later, however, Mozilla is still promoting Onerep.

This week, Mozilla announced its partnership with Onerep will officially end next month.

In a statement published Tuesday, Mozilla said it will soon discontinue Monitor Plus, which offered data broker site scans and automated personal data removal from Onerep.

Mozilla said current Monitor Plus subscribers will retain full access through the wind-down period, which ends on Dec. 17, 2025.

Shelest released a lengthy statement wherein he acknowledged maintaining an ownership stake in Nuwber, a data broker he founded in 2015 — around the same time he launched Onerep.

The FBI has seized control of RAMP, a notorious cybercrime online forum that bragged to be "the only place ransomware allowed."

The seizure banner comes complete with a cheeky addition - a winking Masha from the popular Russian children's TV cartoon series "Masha and the Bear."

Many infamous ransomware groups, such as ALPHV/BlackCat, Qilin, DragonForce, and RansomHub would use the RAMP platform to promote their operations.

Following the seizure of RAMP, another of the forum's alleged operators, confirmed the takedown in a posting on another hacking forum.

As Flare reports, "Stallman" has indicated that the cybercriminal activity conducted through RAMP would continue through other channels.

Imagine the scene. It's a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and ... nothing happens. You try again. Still nothing. The alarm starts blaring. You can't turn it off. Read more in my article on the Fortra blog.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Joe Tidy.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

Police in Hungary and Romania have arrested four young men suspected of making hoax bomb threats and terrorising internet users through SWATting and doxing attacks.

SWATting is a particularly underhand way of making someone else's day a misery – without having to leave your home.

Secondly, the phone numbers were spoofed when making threatening calls to police, effectively directing emergency services to their door.

Hungarian police are keen to underline that SWATting and doxing are serious criminal offences that endanger lives, and are not harmless pranks.

"The police emphasise that swatting and doxing are serious crimes that endanger the lives of others and are not a joke," reads the press…

Security researchers have uncovered at least 16 malicious Chrome extensions masquerading as handy ChatGPT productivity tools.

Instead, they hook into the Chrome browser, and intercept outgoing data that contains users' authentication details.

My advice is to check if you have installed any ChatGPT-related browser extensions recently, and remove any that you have concerns over.

The security researchers who uncovered the malware campaign have listed the names of the extensions that have been identified so far (although, of course, it is possible that more have been used - or could still be):ChatGPT folder, voice download, prompt manager - ChatGPT ModsChatGPT voice download, TTS download - Cha…

In episode 85 of The AI Fix, Graham discovers that Silicon Valley has the solution to your pet’s mental health crisis, and Mark explains why AI godfather Yann LeCun thinks the entire AI industry is wrong about LLMs.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

You can also help the podcast by telling your friends and colleagues about “The AI Fix”, and leaving us a review on Apple Podcasts or Podchaser.

If you would like to further support the podcast, and gain access to ad-free episodes, become a supporter by joining The AI Fix Plus!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive c…

It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse.

In light of the latest data breach to impact ESA, the December 2025 incident doesn't look too bad.

Furthermore, this latest breach reportedly involves data that might be more concerning - such as operational procedures, spacecraft and mission details, subsystems documentation, and proprietary contractor data from ESA partners including SpaceX, Airbus Group, and Thales Alenia Space.

As a consequence of this latest incident, ESA has now confirmed that a criminal investigation is underway.

Some have suggested that poor cybersecuri…

All this, and much more, in this episode of the “Smashing Security” podcast with Graham Cluley, and special guest Ray [REDACTED]Host:Graham Cluley:@grahamcluley.com @ *protected email* / grahamcluleyGuest:Ray Redacted:@rayredacted.comEpisode links:Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Blu…

The UK's National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations.

The denial-of-service attacks are typically not highly sophisticated, but can still successfully cause disruption to IT systems, and cost organisations a significant amount of time and money as they attempt to respond or recover.

The most obviously visible symptom of a basic denial-of-service attack can be that a website is no longer accessible, as hackers flood it with unwanted traffic, making it impossible for legitimate users to reach the resource.

As …

Oh, and AI has managed to crack some famously unsolved maths problems in minutes, and Grok gains access to all of the Pentagon’s networks?

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

You can also help the podcast by telling your friends and colleagues about “The AI Fix”, and leaving us a review on Apple Podcasts or Podchaser.

If you would like to further support the podcast, and gain access to ad-free episodes, become a supporter by joining The AI Fix Plus!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.

We can no longer say that artificial intelligence is a "future risk", lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That's not just my opinion, that's also the message that comes loud and clear from the World Economic Forum's newly-published "Global Cybersecurity Outlook 2026." Read more in my article on the Fortra blog.

All this, and much more, in episode 450 of the “Smashing Security” podcast with Graham Cluley, and special guest Monica Verma.

Smashing Security #450:From Instagram panic to Grok gone wild [Your browser does not support the audio element]Host:Graham Cluley:@grahamcluley.com @ *protected email* / grahamcluleyGuest:Monica Verma:/ monicavermaEpisode links:Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money.

Smashing Security listeners get $1000 off!

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or v…

In episode 83 of The AI Fix, Graham reveals he’s taken up lying to LLMs, and shows how a journalist exposed AI bluffers with a made-up idiom.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

You can also help the podcast by telling your friends and colleagues about “The AI Fix”, and leaving us a review on Apple Podcasts or Podchaser.

If you would like to further support the podcast, and gain access to ad-free episodes, become a supporter by joining The AI Fix Plus!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.

Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous?

The leak, published on a website named after the ShinyHunters hacking and extortion gang, includes records for some 323,986 Breachforums users, exposing their usernames, email addresses, password hashes, and IP addresses.

Ironically, it's precisely the kind of data that hackers using BreachForums have been trading in for years.

And the exposed database could help law enforcement agencies around the world uncover new leads that could assist with cybercriminal investigations.

In short, if you are one of the criminal users of BreachForums you may be sleeping rather less soundl…

The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a stalkerware operator.

If you visited the pcTattletale website you would be told that it was "employee and child monitoring software" designed to "protect your business and family."

The reality is that stalkerware like pcTattletale can also be used for tracking the location and activities of people without their knowledge.

Using stalkerware to spy on others without their permission is never acceptable.

If you're concerned that someone might be using spyware against you, visited the website of the …

Надеяться исключительно на средства защиты учетных записей и парольные политики — не вариант.

И в очередном обновлении мы продолжили развитие системы в том же направлении, добавив использование ИИ-подходов.

Сейчас же в новой версии SIEM c новым коррелятором появилась возможность реализовать детектирование угона учетной записи при помощи одного специализированного правила.

Поэтому в версии 4.2 мы сделали еще один шаг в сторону практичности и адаптивности платформы.

Новый коррелятор и, как следствие, повышение устойчивости платформыВ релизе 4.2 мы представили бета-версию нового корреляционного движка (2.0).

В этом месте обеспокоенные технологиями родители уже могут вспомнить о нашумевшем случае с ChatGPT, когда ИИ от OpenAI довел подростка до самоубийства.

Как исследователи тестировали ИИ-игрушкиИсследование, результаты которого мы разберем ниже, подробно рассказывает о рисках для детской психики, связанных с «дружбой» с умной игрушкой.

Miko 3, как и Grok, всегда слушает происходящее вокруг и активируется при обращении — примерно так же, как это работает у голосовых ассистентов.

Исследователи также отмечают, что ИИ-медведь не побуждал «ребенка» делиться личными переживаниями, не обещал хранить секреты и не создавал иллюзию приватного общения.

С другой стороны, производители этой игрушки не даю…

Удобную методичку по этому вопросу выпустил некоммерческий проект OWASP, разрабатывающий рекомендации по безопасной разработке и внедрению ПО.

Злоумышленники используют методы промпт-инъекций или поддельные данные, чтобы перенастроить агента на выполнение вредоносных действий.

Злоумышленник отправляет промпт, который под предлогом тестирования кода заставляет агента с возможностью «вайб-кодинга» загрузить команду с помощью curl и передать ее на вход bash.

Такой «отравленный» контекст искажает дальнейшие рассуждения агента и выбор инструментов.

Используйте внешние шлюзы безопасности (intent gates) для проверки планов и аргументов агента на соответствие жестким правилам безопасности перед их …

На самом деле происходит не установка из магазина приложений, а загрузка приложения в пакете APK.

В России проблема «левых» загрузок усложняется тем, что многие повседневные приложения, в первую очередь банковские, более недоступны в Google Play.

«Прямой NFC» — мошенник связывается с жертвой в мессенджере и уговаривает скачать приложения якобы для подтверждения личности в банке.

Права, которые и в самом деле нужны приложению такого класса, прекрасно подходят для перехвата данных и махинаций с посещаемыми веб-сайтами.

), перенаправлять пользователя на сайты с рекламой и запускать прямо на телефоне прокси, чтобы злоумышленники могли попадать на любые сайты от лица жертвы.

Это связано с тем, что знания ИИ не хранятся в виде отдельных фрагментов, которые можно легко удалить.

Как и на каких моделях проводилось исследование?

При этом в промптах изменялась исключительно стилистика подачи: никаких дополнительных техник атаки, стратегий обфускации или адаптаций под конкретные модели в эксперименте не использовалось.

Исследователи протестировали 1200 промптов на 25 разных моделях — как в прозаическом, так и в поэтическом варианте.

Если следовать этому методу оценки, то поэзия увеличивает вероятность ответа на небезопасный промпт в среднем на 35%.

Чтобы сопрячь со смартфоном новую гарнитуру, поддерживающую эту технологию, достаточно включить ее и поднести к смартфону.

Вредоносное устройство — обычный смартфон или ноутбук атакующего — транслирует запросы Google Fast Pair и пытается соединиться с BT-устройствами в радиусе 14 метров.

Эта функция, Google Find Hub, аналогична FindMy от Apple, и создает такие же риски несанкционированной слежки, как и вредоносные AirTag.

Тем, кто пользуется Android-смартфонами и сопрягал с ними свою уязвимую гарнитуру с помощью Fast Pair, этот вариант атаки не грозит, ведь они сами записаны как владельцы устройства.

Вероятнее всего, обновленные смартфоны больше не транслируют положение аксессуаров, угнанны…

Хотя первопричина ошибки проста и понятна, ее устранение потребует обширных и систематизированных усилий, причем как от государств и международных структур, так и от конкретных организаций и частных лиц.

В ряде случаев, впрочем, возможно более короткое «путешествие во времени» — в точку 0, то есть в 1970 год.

Злонамеренная эксплуатация Y2K38Командам ИТ и ИБ стоит относиться к Y2K38 не как к простой программной ошибке, а как к уязвимости, которая может приводить к различным сбоям, включая отказ в обслуживании.

В базах данных тоже мозаика: тип TIMESTAMP в MySQL фундаментально ограничен 2038 годом и требует миграции на DATETIME, в то время как стандартные типы timestamp в PostgreSQL безопасны.…

И самое «веселое» тут то, что отвечать приходится не только за свой периметр, но и, фигурально выражаясь, «за того парня».

И в отчете четко написано, кто не только обещает, но и реально делает.

Не редкость, но и не массовая фича — только семь производителей кроме нас ее поддерживают.

И что это пустая трата денег, и что это никому не нужно.

Мы задали этот тренд, мы его возглавили, и мы будем его тащить дальше.

Но куда большую тревогу вызывает характер контента в этих базах.

Сайт компании, помимо прочего, дает возможность использовать инструменты для генерации изображений и контента с помощью ИИ.

Эти инструменты позволяли пользователям генерировать картинки по текстовому описанию, редактировать загруженные фотографии и выполнять различные визуальные манипуляции, включая создание откровенного контента и подстановку лиц.

Именно с этими инструментами была связана утечка, а база данных содержала результаты их работы, включая сгенерированные и отредактированные с помощью ИИ изображения.

Часть изображений заставила исследователя предположить, что они были загружены в ИИ в качестве референсов для создани…

Благодаря удобству технологии NFC и оплаты смартфоном, в наши дни многие вообще перестали носить кошелек и не могут вспомнить ПИН-код от банковской карты.

Что такое ретрансляция NFC и NFCGateРетрансляция NFC — это техника, при которой данные, бесконтактно передаваемые между источником (например, банковской картой) и приемником (например, платежным терминалом), перехватываются на одном промежуточном устройстве и в реальном времени передаются на другое.

Оно предназначалось для анализа и отладки NFC-трафика, а также для обучения и экспериментов с бесконтактными технологиями.

В мае 2025 года попытки применения SuperCard X были зафиксированы и в России, а в августе — в Бразилии.

Впоследствии вре…

За словами «заманивают» и «предлагают» скрывается широкий спектр тактик: почтовые рассылки, сообщения в мессенджерах и посты в соцсетях, напоминающие официальную рекламу, сайты-двойники, продвигаемые в поисковых системах инструментами SEO и даже платной рекламой.

Особенно остро эта проблема стоит для IT-компаний, продающих онлайн-сервисы, но актуальна и для розничных брендов.

Особенно остро эта проблема стоит для IT-компаний, продающих онлайн-сервисы, но актуальна и для розничных брендов.

Из перечисленных нами косвенных потерь покрытие стандартной страховкой может компенсировать расходы на DFIR и в ряде случаев на клиентскую поддержку (если ситуация признана страховым случаем).

Как защитить…

Особенно любопытна эта атака тем, что в этот раз злоумышленники потратили определенные усилия для маскировки своей активности под коммуникацию с известным сайтом и работу легитимного ПО.

Кроме того, зловред умеет делать скриншоты с экрана жертвы и собирать файлы в интересующих злоумышленников форматах (преимущественно разнообразные документы и архивы).

Файлы размером меньше 100 МБ вместе с остальной собранной злоумышленниками информацией отправляются на другой сервер коммуникации с названием ants-queen-dev.azurewebsites[.]net.

Как оставаться в безопасностиНаши защитные решения выявляют как используемый в этой атаке вредоносный код, так и коммуникацию с командными серверами злоумышленников.

…

Что нужно знать об этих изменениях и какие знания и привычки взять с собой в 2026 год?

Мы рекомендуем Kaspersky Premium — с ним вы получите и защиту от вредоносного ПО, и оповещения (если ваши личные данные засветились в каких-то публичных утечках), и менеджер паролей, и родительский контроль, и многое другое.

Как и в случае с фастфудом, телевизором, TikTok и другими легкодоступными благами, важно найти баланс между здоровым применением этих помощников и опасными привычками.

А где-то вам подключили дополнительную опцию, о которой вы и не знаете, и ее нужно отключить.

Предполагается, что нейросети помогут дому самостоятельно решать, что и когда делать, чтобы владельцу было удобнее, — без зар…

В основном Stealka распространяют на популярных ресурсах — вроде GitHub, SourceForge, Softpedia, sites.google.com и других — под видом кряков известных программ, читов и модов для игр.

Чем опасен стилер StealkaУ Stealka достаточно большой арсенал возможностей, но «лакомый кусок» для него — данные из браузеров на движках Chromium и Gecko.

Не менее интересны для хакеров куки-файлы и токены сессий, которые позволяют обойти двухфакторную аутентификацию и угнать аккаунты без ввода пароля.

В зоне риска — Discord, Telegram, Unigram, Pidgin, Tox и другие.. В служебных файлах мессенджеров хранятся данные об аккаунтах, идентификаторы устройств, токены авторизации и параметры шифрования переписки.

— S…

The Cisco Foundation AI team introduces a novel approach to information retrieval designed to tackle the shortcomings of current search.

At its core, our framework empowers compact models (from 350M – 1.2B parameters) to:Learn diverse search strategies: Through a process of observing and learning from various search behaviors, the framework models understand how to approach different types of queries.

Through a process of observing and learning from various search behaviors, the framework models understand how to approach different types of queries.

Refine queries based on feedback: The system learns to adjust its search queries dynamically, incorporating insights from previously retrieved …

Foundation-sec-8B-Reasoning is an 8-billion-parameter reasoning model purpose-built for cybersecurity workflows.

Elevating Security ReasoningEffective cybersecurity analysis requires deep, multi-layered reasoning.

Generic reasoning models can assist, but they may lack the ability to understand the specific logic and structure of security workflows.

The model is built to support security workflows that demand logical reasoning, including tasks like threat modeling, attack path analysis, risk evaluation, and security architecture review.

To explore how Foundation-sec-8b-Reasoning can be applied across real-world security workflows, check out the use case cookbook on our public Github reposito…

That’s why we’re thrilled to announce the release of The PEAK Threat Hunting Assistant, an innovative, open-source tool designed to transform and accelerate the research and planning of hypothesis-driven threat hunts.

The Solution: An Intelligent, Agentic AssistantThe PEAK Threat Hunting Assistant is a game-changer for those struggling to find the time to properly research and plan their hunts.

Empowering Threat Hunters of All LevelsThe PEAK Threat Hunting Assistant is designed for threat hunters at every stage of their career.

Get Started TodayThe PEAK Threat Hunting Assistant leverages agentic AI, empowering threat hunters of all levels to conduct high-quality, human-guided research quick…

Cisco is addressing this challenge by advancing agentic security systems that combine reasoning, adaptive retrieval, and human oversight to support real world security operations at scale.

Through recent innovations from Cisco Foundation AI, including the Foundation-sec-8B-Reasoning model, adaptive retrieval framework for AI search, and the PEAK Threat Hunting Assistant, Cisco is establishing leadership in secure, agentic AI systems designed specifically for cybersecurity use cases.

From Models to Agentic Security SystemsTraditional AI systems primarily operate through single step inference.

Cisco Foundation AI is focused on delivering the core capabilities required for these systems, ensur…

As we navigate an increasingly interconnected world, the conversation around privacy and data governance continues to evolve at a breathtaking pace.

This isn’t just about risk mitigation; it’s about trust, unlocking growth, and showing that privacy is a vital part of data infrastructure that drives innovation.

Looking ahead, an impressive 93% plan to allocate even more resources to privacy and data governance to manage the growing complexity of AI systems and related risks.

The Cisco 2026 Data and Privacy Benchmark Study reveals an enterprise landscape in transition, where privacy, AI, data governance, and cybersecurity are converging under a single principle: trust.

I encourage you to expl…

In response, Cisco is the first hybrid mesh firewall vendor to introduce intent-based policy management across multi-vendor firewalls through Cisco Security Cloud Control with Mesh Policy Engine.

Mesh Policy Engine handles the determination of what device should get what policy, then deploys it.

Cisco Hybrid Mesh Firewall continues to expand what’s possible in firewall policy management, empowering organizations to move faster, stay secure, and maintain clarity in an ever-changing IT landscape.

See how Mesh Policy Engine can help you adopt Cisco Hybrid Mesh Firewall more easily.

Register for a hybrid mesh firewall design clinic.

Cisco Talos Incident Response (Talos IR) handles these types of crises daily.

The reality gapMost security teams imagine incident response as a purely technical exercise: analyze threats, isolate systems, remove malware, restore from backups.

The preparation paradoxHere’s what organizations discover too late: Incident response retainers cost a fraction of what emergency rates do during global cyber events.

The difference between organizations that emerge stronger and those that simply survive is that the former understand incident response before needing it.

To learn more about how Talos IR can help your organization prepare, respond, and recover from cyber incidents, read our complete behi…

In my last two blogs, I delved into the results of the 2025 Cisco Segmentation Report to highlight the importance of macro- and micro-segmentation and to identify the primary challenges hindering segmentation journeys.

Today, I dive further into the survey results to discuss the benefits organizations can achieve when they successfully implement a dual macro- and micro-approach to segmentation.

Three Benefits of a Successful Segmentation StrategyThe good news is that the survey results indicate that organizations further along in their segmentation journeys are indeed achieving measurable benefits from their successful macro- and micro-segmentation implementations.

If you haven’t already, c…

A Cisco Talos Incident Response (Talos IR) Retainer doesn’t only help you respond to threats but fundamentally changes how your organization approaches cybersecurity.

A Talos IR Retainer delivers organization-wide benefits that strengthen organization’s entire security ecosystem.

The Talos IR retainer works seamlessly with your existing security tools, while providing access to real-time intelligence on adversary tactics.

Read the full blog to see how a Talos IR Retainer can transform your cybersecurity posture from vulnerable to vigilant: Why a Cisco Talos Incident Response Retainer is a game-changer.

Ask a question and stay connected with Cisco Security on social media.

In this context, the importance of Data Loss Prevention (DLP) capability for data protection cannot be overstated.

Cisco Secure Access: Unified, AI-Powered Data Loss Prevention (DLP) for the Modern EnterpriseCisco Secure Access delivers the next generation of Data Loss Prevention (DLP) as a core component of our Security Service Edge (SSE).

Secure Access DLP also plays a vital role in enabling the safe use of generative Artificial Intelligence (AI) applications and model repositories.

The Endpoint DLP Advantage: Safeguarding Data Movement at the SourceIncorporating endpoint DLP into an organization’s data protection strategy brings immense value.

Recognizing this, Cisco Secure Access launch…

Cisco ISE: Live network visibility—but not always aligned with CMDB metadata or lifecycle information.

The Old Way Was LimitedPrevious integrations between Cisco ISE and ServiceNow attempted to close this gap by pushing CMDB attributes into ISE.

The Cisco ISE + ServiceNow Service Graph Connector finally closes the loop between visibility and control.

With Service Graph Connector for Cisco ISE, watch your network inventory come alive.

Ask a question and stay connected with Cisco Security on social media.

Cisco Identity Intelligence is now the first Cisco product to deliver a customer facing capability powered entirely by a Cisco built artificial intelligence model, Foundation-sec-1.1-8B-Instruct.

Strengthening Identity Security Through Deeper InsightCisco Identity Intelligence helps organizations understand and respond to identity related risk across their entire environment.

A key part of this experience is the weekly email digest that Cisco Identity Intelligence sends to administrators.

Why the Cisco Foundation Model MattersCisco Identity Intelligence selected the Cisco Foundation AI model because it offers clear advantages in quality, control, and long-term strategic alignment.

A Cisco-o…

According to our survey results, 94% of organizations are currently facing segmentation challenges, which range from technical to non-technical issues.

Challenges Inhibiting Segmentation ProjectsUnderstanding the challenges organizations face will ease the transition from partial to comprehensive segmentation implementations, allowing organizations to accelerate their progress through their segmentation journeys.

Currently, what are/ could be the biggest segmentation challenges you are/ could be experiencing at your organization?

Overcoming Segmentation Challenges Enables a Proactive Security StrategySegmentation remains a foundational element of enterprise security.

In the meantime, downlo…

Thanks to Duo, I was quickly given access to all the essential tools: Cisco XDR, Splunk, firewall dashboards, and more from the duo directory.

Detection: Cisco XDR flagged the suspicious behavior, visualizing the connections between one internal asset and several high-risk external hosts.

This raised immediate concerns about potential malware or command-and-control activity (see Cisco XDR investigation below).

In summary, my first SOC experience turned initial nerves into genuine confidence.

Ask a question and stay connected with Cisco Security on social media.

As a reminder, when a Windows client is seeking to talk to a domain controller it will make DNS queries for SRV records for names like _kerberos._tcp.dc._msdcs.DOMAINNAME or _ldap._tcp.dc._msdcs.DOMAINNAME.

These DNS requests enable the client to find nearby Kerberos or LDAP servers for their domain.

Finally, the Cisco Live network is designed to be a safe network for attendees to use.

A properly configured VPN client like Cisco Secure Client can support both a full tunnel VPN and “Start Before Login”.

Check out the other blogs by my colleagues in the Cisco Live Melbourne 2026 SOC.

Equally important is securing the AI application supply chain, including the frameworks, SDKs, and orchestration layers used to build and operate these systems.

The recent disclosure of CVE-2025-68664, known as LangGrinch, in LangChain Core highlights the importance of securing the AI supply chain.

Microsoft Defender provides visibility into vulnerable AI workloads through its Cloud Security Posture Management (DCSPM).

Microsoft Defender is actively working to expand coverage to additional platforms and this blog will be updated when more information is available.

Hunting queriesMicrosoft Defender XDRSecurity teams can use the advanced hunting capabilities in Microsoft Defender XDR to proac…

This post outlines an AI-assisted workflow for detection analysis designed to accelerate detection engineering.

The system accepts multiple content types and processes them through three main stages: TTP extraction, MITRE ATT&CK mapping, and detection coverage analysis.

In federated environments, detections may come from multiple repositories, so this standardization streamlines access during detection mapping.

Because the analysis relies on extracted text and metadata, which may be ambiguous, these mappings do not guarantee detection coverage.

By combining the speed of AI with expert review and validation, organizations can scale detection coverage analysis more effectively, even during pe…

In the 2026 Microsoft Data Security Index report, we explored one of the most pressing questions facing today’s organizations: How can we harness the power of AI while safeguarding sensitive data?

This year, the Data Security Index report builds upon the responses of more than 1,700 security leaders to highlight three critical priorities for protecting organizational data and securing AI adoption:Moving from fragmented tools to unified data security.

Managing AI-powered productivity securelyGenerative AI is already influencing data security incident patterns: 32% of surveyed organizations’ data security incidents involve the use of generative AI tools.

Strengthening data security with gener…

That shared spirit of collaboration is exactly why we’re proud to celebrate our 2026 Microsoft Security Excellence Awards winners—exceptional teammates who elevate the game for everyone.

On Monday, January 26, 2026, in Redmond, Washington, we brought together the all‑star players of the Microsoft Intelligent Security Association (MISA), partners, finalists, and Microsoft security leaders—to honor the innovators, defenders, and visionaries driving the future of cybersecurity.

“Congratulations to this year’s Microsoft Security Excellence Awards winners and all the remarkable finalists,” said Vasu Jakkal, Corporate Vice President, Microsoft Security Business.

To learn more about Microsoft Secu…

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers (CISOs) share their thoughts on what is most important in their respective domains.

As my office expands its engagements with the government, we are committed to listening to our customers’ security needs, increasing our opportunities to share threat information, and hearing their security priorities and challenges first-hand.

Learn moreTo hear more from Microsoft Deputy CISOs, check out the OCISO blog series.

To learn more about Microsoft Security solutions, visit our website.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers (CISOs) share their thoughts on what is most important in their respective domains.

As my office expands its engagements with the government, we are committed to listening to our customers’ security needs, increasing our opportunities to share threat information, and hearing their security priorities and challenges first-hand.

Learn moreTo hear more from Microsoft Deputy CISOs, check out the OCISO blog series.

To learn more about Microsoft Security solutions, visit our website.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

Figure 1: A visual representation of the 3 elements Copilot Studio agents relies on to respond to user prompts.

Microsoft Copilot Studio agents are composed of multiple components that work together to interpret input, plan actions, and execute tasks.

Final wordsSecuring Microsoft Copilot Studio agents during runtime is critical to maintaining trust, protecting sensitive data, and ensuring compliance in real-world deployments.

As you build and deploy your own Microsoft Copilot Studio agents, incorporating real-time webhook security checks will be an essential step in delivering safe, reliable, and responsible AI experiences.

Learn more about securing Copilot Studio agents with Microsoft Def…

And by choosing Microsoft Security, these customers are securing the foundation of their AI transformation from end to end.

Unified protection and measurable impactPartnering with Microsoft, Ford deployed Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft Entra to strengthen defenses, centralize threat detection, and enforce data governance.

Driving security efficiency and resilienceBy integrating Microsoft Security solutions—Defender for Cloud, Microsoft Sentinel, Purview, Entra, and Microsoft Security Copilot—Icertis strengthened governance and accelerated incident response.

Share your thoughtsAre you a regular user of Microsoft Security products?

Also, follow us on …

And by choosing Microsoft Security, these customers are securing the foundation of their AI transformation from end to end.

Unified protection and measurable impactPartnering with Microsoft, Ford deployed Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft Entra to strengthen defenses, centralize threat detection, and enforce data governance.

Driving security efficiency and resilienceBy integrating Microsoft Security solutions—Defender for Cloud, Microsoft Sentinel, Purview, Entra, and Microsoft Security Copilot—Icertis strengthened governance and accelerated incident response.

Share your thoughtsAre you a regular user of Microsoft Security products?

Also, follow us on …

Microsoft Defender Researchers uncovered a multi‑stage adversary‑in‑the‑middle (AiTM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector, resulting in the compromise of various user accounts.

Stage 5: Phishing campaignFollowed by Inbox rule creation, the attacker initiated a large-scale phishing campaign involving more than 600 emails with another phishing URL.

Mitigating AiTM phishing attacksThe general remediation measure for any identity compromise is to reset the password for the compromised user.

DetectionsBecause AiTM phishing attacks are complex threats, they require solutions that leverage signals from multiple sources.

Using …

Microsoft Defender Researchers uncovered a multi‑stage adversary‑in‑the‑middle (AiTM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector, resulting in the compromise of various user accounts.

Stage 5: Phishing campaignFollowed by Inbox rule creation, the attacker initiated a large-scale phishing campaign involving more than 600 emails with another phishing URL.

Mitigating AiTM phishing attacksThe general remediation measure for any identity compromise is to reset the password for the compromised user.

DetectionsBecause AiTM phishing attacks are complex threats, they require solutions that leverage signals from multiple sources.

Using …

The rise of AI Agents marks one of the most exciting shifts in technology today.

This fundamentally changes the security equation, making securing AI agent a uniquely complex challenge – and this is where AI agents posture becomes critical.

The goal is not to slow innovation or restrict adoption, but to enable the business to build and deploy AI agents securely by design.

As a result, securing AI agents demands a holistic approach.

Build AI agents security from the ground upTo address these challenges across the different AI Agents layers, Microsoft Defender provides a suite of security tools tailored for AI workloads.

The rise of AI Agents marks one of the most exciting shifts in technology today.

This fundamentally changes the security equation, making securing AI agent a uniquely complex challenge – and this is where AI agents posture becomes critical.

The goal is not to slow innovation or restrict adoption, but to enable the business to build and deploy AI agents securely by design.

As a result, securing AI agents demands a holistic approach.

Build AI agents security from the ground upTo address these challenges across the different AI Agents layers, Microsoft Defender provides a suite of security tools tailored for AI workloads.

To stay ahead in the coming year, we recommend four priorities for identity security leaders:Implement fast, adaptive, and relentless AI-powered protection.

Secure Access Webinar Enhance your security strategy: Deep dive into how to unify identity and network access through practical Zero Trust measures in our comprehensive four-part series.

Where to learn more: Get started with Microsoft Entra Agent ID and Microsoft Entra Suite.

An Access Fabric solution wraps every connection, session, and resource in consistent, intelligent access security, wherever work happens—in the cloud, on-premises, or at the edge.

Microsoft Entra delivers integrated access security across AI and SaaS apps, interne…

These initiatives, driven by Ballots SC-080, SC-090, and SC-091, will sunset 11 legacy methods for Domain Control Validation.

What’s Domain Control Validation?

Domain Control Validation is a security-critical process designed to ensure certificates are only issued to the legitimate domain operator.

Sunsetted methods relying on email:Sunsetted methods relying on phone:Sunsetted method relying on a reverse lookup:For everyday users, these changes are invisible - and that’s the point.

These changes push the ecosystem toward standardized (e.g., ACME), modern, and auditable Domain Control Validation methods.

Partnership with ArmOur goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats.

We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices.

This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.

This effort spans across Android and Android OEMs, and required close collaboration with Arm.

The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.

We built on Gemini's existing protections and agent security principles and have implemented several new layers for Chrome.

To further bolster model alignment beyond spotlighting, we’re introducing the User Alignment Critic — a separate model built with Gemini that acts as a high-trust system component.

A flow chart that depicts the User Alignment Critic: a trusted component that vets each action before it reaches the browser.

The User Alignment Critic runs after the planning is complete to double-check each proposed action.

Looking forwardThe upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same ri…

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle.

Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications.

To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps.

The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money.

We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps.

Secure by DesignWe built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products.

Secure Sharing Channel: The communication channel itself is hardened by our use of Rust to develop this feature.

On Android, security is built in at every layer.

On Android, security is built in at every layer.

Secure Sharing Using AirDrop's "Everyone" ModeTo ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode.

Our first rust memory safety vulnerability...almost: We'll analyze a near-miss memory safety bug in unsafe Rust: how it happened, how it was mitigated, and steps we're taking to prevent recurrence.

Our First Rust Memory Safety Vulnerability...AlmostWe recently avoided shipping our very first Rust-based memory safety vulnerability: a linear buffer overflow in CrabbyAVIF.

Unsafe Review and TrainingOperating system development requires unsafe code, typically C, C++, or unsafe Rust (for example, for FFI and interacting with hardware), so simply banning unsafe code is not workable.

Dmytro Hrybenko for leading the effort to develop training for unsafe Rust and for providing extensive feedback on …

Survey shows Android users’ confidence in scam protectionsGoogle and YouGov3 surveyed 5,000 smartphone users across the U.S., India, and Brazil about their experiences.

The findings were clear: Android users reported receiving fewer scam texts and felt more confident that their device was keeping them safe.

Android users were 58% more likely than iOS users to say they had not received any scam texts in the week prior to the survey.

As an extra safeguard, Google Messages also helps block suspicious links in messages that are determined to be spam or scams.

As an extra safeguard, Google Messages also helps block suspicious links in messages that are determined to be spam or scams.

What's worse, many plaintext HTTP connections today are entirely invisible to users, as HTTP sites may immediately redirect to HTTPS sites.

To address this risk, we launched the “Always Use Secure Connections” setting in 2022 as an opt-in option.

We now think the time has come to enable “Always Use Secure Connections” for all users by default.

For more than a decade, Google has published the HTTPS transparency report, which tracks the percentage of navigations in Chrome that use HTTPS.

Since HTTP navigations remain a regular occurrence for most Chrome users, a naive approach to warning on all HTTP navigations would be quite disruptive.

To help accelerate adoption of AI for cybersecurity workflows, we partnered with Airbus at DEF CON 33 to host the GenSec Capture the Flag (CTF), dedicated to human-AI collaboration in cybersecurity.

Our goal was to create a fun, interactive environment, where participants across various skill levels could explore how AI can accelerate their daily cybersecurity workflows.

An overwhelming 85% of all participants found the event useful for learning how AI can be applied to security workflows.

This positive feedback highlights that AI-centric CTFs can play a vital role in speeding up AI education and adoption in the security community.

We are committed to advancing the AI cybersecurity frontier…

This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service .

The block will expire shortly after those requests stop.

In the meantime, solving the above CAPTCHA will let you continue to use our services.This traffic may have been sent by malicious software, a browser plug-in, or a script that sends automated requests.

If you share your network connection, ask your administrator for help — a different computer using the same IP address may be responsible.

Learn more Sometimes you may be asked to solve the CAPTCHA if you are using advanced terms that robots are known to use, or sending requests very qu…

At Made by Google 2025, we announced that the new Google Pixel 10 phones will support C2PA Content Credentials in Pixel Camera and Google Photos.

Pixel Camera attaches Content Credentials to any JPEG photo capture, with the appropriate description as defined by the Content Credentials specification for each capture mode.

attaches Content Credentials to any JPEG photo capture, with the appropriate description as defined by the Content Credentials specification for each capture mode.

Google Photos attaches Content Credentials to JPEG images that already have Content Credentials and are edited using AI or non-AI tools, and also to any images that are edited using AI tools.

Building a More Trus…

Today marks a watershed moment and new benchmark for open-source security and the future of consumer electronics.

Google is proud to announce that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework, has officially achieved SESIP Level 5 certification.

This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar.

With this level of security assurance, Android is now positioned to securely support the next generation of high-criticality isolated workloads.

Achieving Security Evaluation Standard for IoT Platforms (SESIP) Level 5 is a landmark because it incorporates AVA_VAN.5, the hi…

Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts.

Infrastructure definitions to allow organizations to easily run their own instances of OSS Rebuild to rebuild, generate, sign, and distribute provenance.

With an estimated value exceeding $12 trillion, open source software has never been more integral to the global economy.

For publishers and maintainers of open source packages, OSS Rebuild can...

If you're a developer, enterprise, or security researcher interested in OSS security, we invite you to follow along and get involved!

Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures.

This is particularly useful for Advanced Protection users, since in 2023, plaintext HTTP was used as an exploitation vector during the Egyptian election.

JavaScript Optimizations and Security Advanced Protection reduces the attack surface of Chrome by disabling the higher-level optimizing Javascript compilers inside V8.

Javascript optimizers can be disabled outside of Advanced Protection Mode via the “Javascript optimization & security” Site Setting.

We…