Он буквально спроектировал белок, который собирается в оболочку как вирус.

IETF представила гибридный метод QUERY.

Добро пожаловать в новую войну.

Этот астероид не вращается, а буквально кувыркается… и у него еще много неожиданных тайн.

Раз в год — раз в 5 лет: вот как компания незаметно переписала правила апгрейда вашего компьютера.

Что Microsoft нашла в AutoGen Studio и почему это касается каждого разработчика ИИ.

Интерпол накрыл сеть фейковых модельных агентств.

И да, починят это явно не сегодня.

В клубе элиты Питера Тиля чем известнее гость, тем ниже цена участия.

Атака на репозиторий затронула скрипты для работы с Python и языковой моделью Llama.

Около 10000 поддельных репозиториев на GitHub распространяют трояны.

То, как вы в 90х работали с памятью, официально признали опасным.

Суд в Индии решил: подождём до конца экзаменов.

У планеты есть собственный иммунитет от радиации — и он звучит как птичье пение в космосе.

Google нашла способ сделать Android чуть более похожим на iPhone и называет это борьбой с мошенниками.

Мы рассматриваем ИБ шире и не ограничиваемся выполнением рабочих задач.

Например, сам ресурс расположен на домене .com, а не на официальном российском адресе.

Поэтому человек после атаки несколько дней «не в себе» и не может толком вспомнить подробности произошедшего.

Для этого нужна понятная линия консультаций, простые правила остановки и выработанная привычка задавать вопросы ИБ превентивно, а не после получения ущерба.

Современная поверхность атаки проходит не только через инфраструктуру и сетевой периметр, но и через внимание, страх и доверие человека.

Simple2FA — универсальная система двухфакторной аутентификации для обеспечения безопасного удалённого доступа к корпоративным ресурсам.

Функциональные возможности Simple2FAСистема Simple2FA обладает следующими ключевыми функциональными возможностями:Централизованное управление пользователями, группами, лицензиями и политиками аутентификации через единую веб-консоль администратора.

Гибридная архитектура, обеспечивающая локальную проверку первого фактора аутентификации и облачную обработку второго фактора без передачи паролей во внешнюю среду.

После успешной проверки первого фактора локальный модуль инициирует процедуру подтверждения второго фактора через облачный модуль Simple2FA.

Настройка …

Сегодня безопасность зависит не только от защищённого канала связи, но и от контроля пользователя, устройства и его действий.

Сегодня он является одним из ключевых элементов информационной безопасности, поскольку именно через удалённые подключения злоумышленники нередко пытаются получить доступ к внутренней инфраструктуре организации.

Однако защищённый канал не гарантирует безопасность, если злоумышленник получил доступ к учётной записи сотрудника или использует скомпрометированное устройство.

Контроль устройства как элемент безопасностиОдним из ключевых трендов последних лет стал переход от проверки пользователя к проверке устройства, с которого осуществляется подключение.

В зависимости от…

Их решения активно внедрялись на протяжении последних лет и воспринимались не как узкие инструменты балансировки, а как комплексные платформы.

Влияние балансировщика на ИТ-инфраструктуру и организационные процессыВнедрение балансировщика влияет не только на техническую архитектуру, но и на структуру эксплуатации ИТ-ландшафта.

Это воспринимается не только как формальное требование, но и как признак того, что продукт уже прошёл внедрения и имеет подтверждённую практику использования.

В итоге сравнение идёт не только по характеристикам продукта, но и по тому, насколько он вписывается в текущую архитектуру и компетенции команды.

Поэтому современные балансировщики всё чаще используются как элеме…

В этом нет ничего удивительного: оборудование, в котором применяются встраиваемые системы, рассчитано на длительный срок службы.

Они применяются и в ИТ- и сетевом оборудовании, что позволило решить ряд давних технических проблем.

В целом требования к техническим специалистам в этой области высоки: необходимо сочетание компетенций в ИТ и в конкретных отраслях, для которых разрабатываются решения.

Та же проблема характерна и для других сегментов, включая NGFW, почтовые серверы и ряд других решений.

Количество потенциальных заказчиков невелико, при этом разработка АСУ ТП, как и NGFW, требует значительных времени и ресурсов.

SafeTech CA — это центр сертификации корпоративного уровня от компании SafeTech Lab.

Осознавая эти вызовы, российская компания SafeTech Lab, входящая в состав SafeTech Group, разработала корпоративный центр сертификации SafeTech CA.

Встроенные инструменты позволяют импортировать шаблоны и сертификаты из Microsoft CA и заменить зарубежный сервис без остановки бизнес-процессов.. Встроенные инструменты позволяют импортировать шаблоны и сертификаты из Microsoft CA и заменить зарубежный сервис без остановки бизнес-процессов.

Поддерживаемые SafeTech CA протоколыПротоколы, по которым может работать центр сертификации SafeTech CA:MS-WSTEP (Microsoft WS-Trust X.509v3 Token Enrollment Extensions).

Дл…

Михаил Кадер, архитектор ИБ, UserGateСтанислав Погоржельский пояснил, что облачные инфраструктуры делятся на IaaS, PaaS и SaaS — от этого зависят зоны ответственности провайдера и клиента.

Во втором опросе зрители ответили, какую роль ИБ играет при выборе облачного провайдера в их компании:ИБ проверяет провайдера перед финальным решением — 32 %.

Михаил Захряпин различает безопасность провайдера и безопасность пользователя.

За счёт этой цепочки работы провайдера можно попытаться закрыть разрыв на границе ответственности клиента и провайдера, вытащив часть экспертизы на свою сторону».

ВыводыПубличные облака — это зрелая и во многом безопасная среда, но только при условии, что клиент не перекл…

Функциональные возможности Kaspersky Threat Intelligence PortalЗадача Kaspersky Threat Intelligence Portal — обеспечить специалистов по информационной безопасности (ИБ) контекстом угроз.

Портал включает несколько сервисов, которые обогащают и усиливают друг друга: Kaspersky Threat Data Feeds, Kaspersky Threat Lookup, Kaspersky Digital Footprint Intelligence, Kaspersky Threat Analysis, Kaspersky Threat Intelligence Reporting, Kaspersky Threat Infrastructure Tracking.

Чтобы получить полную видимость угроз на всех этапах их формирования, в «Норникеле» внедрён процесс киберразведки, в техническую составляющую которого входит и комплекс решений Kaspersky Threat Intelligence: Kaspersky Threat Int…

В этой статье расскажем о способах ИИ-фишинга (в т. ч. с использованием дипфейков и клонирования голоса), методах распознать угрозу и предотвратить её.

Эта тенденция коснулась и России: согласно исследованию компании «Информзащита», около 80 % фишинговых атак на отечественные компании в 2025 году содержали ИИ-компоненты.

Эволюция фишинга под влиянием искусственного интеллектаСовременные генеративные модели значительно усиливают эффективность и масштаб фишинговых атак: искусственный интеллект позволяет злоумышленникам автоматизировать и масштабировать кампании.

Это ускоряет подготовку атак и снижает их стоимость, особенно против систем, полагающихся на устаревшие паттерны мошенничества.

Нейр…

И можно с уверенностью сказать, что это уже устоявшаяся тенденция как минимум на текущий, а возможно, и на следующий год.

С чем сталкивается бизнесПомимо внешних факторов, в компании зачастую есть и внутренние сложности, влияющие на расходы на ИТ и инфраструктуру.

Как упоминалось выше, бизнес в любом случае не стоит на месте и запускает новые проекты — инфраструктура продолжает расти и требовать ресурсов и денег.

По нашим данным, компании в такой ситуации теряют до 30 % бюджета из-за разрозненности инфраструктуры.

Чтобы быстро расти и развиваться, современному бизнесу всегда нужно понимать, сколько и каких ресурсов потребляет тот или иной сервис, как это изменилось за последнее время и поче…

Впереди — широкое внедрение ИИ, вплоть до применения ИИ в процессах принятия решений и для поддержки продуктовых экосистем.

Развитие компаний по пути AI FirstИсходя из предложенной Selectel формулы оценки уровня ИИ-развития компаний, на конференции были представлены три уровня развития их ИИ-зрелости.

Уровни ИИ-зрелости компаний AI First по GartnerВендоры ИИ-моделей, ориентированные на продвижение своих продуктов, рассматривают классификацию компаний по уровню ИИ с точки зрения задач, которые охвачены ИИ в бизнесе.

Например, разработчик ИИ-модели Claude провёл совместное исследование с компанией Material, опросив руководителей около 500 компаний в США о внедрении ИИ-агентов.

Этот выбор пред…

ИИ в кибербезопасности встраивается в разные процессы, но его роль почти везде одна: автоматизация и повышение эффективности защиты.

Это могут быть:информационно-коммуникационная инфраструктура;программное обеспечение;процессы и сервисы по обработке данных и поиску решений.

Это позволило использовать ИИ не только для поиска отклонений, но и для интерпретации событий, анализа цепочек атак и автоматизации отдельных этапов расследования.

Согласно исследованию «Искусственный интеллект в России — 2025: тренды и перспективы», активнее всего ИИ применяется в ИТ- и технологическом секторах, телекоммуникациях и медиа, электронной коммерции, банковской и страховой сферах.

ВыводыИИ перестал быть экспе…

Поддержка безопасности в сетях SASEГлавное отличие сетей SASE — это возможность интеграции функций безопасности в рамках единой платформы.

Далее приведено сравнение межсетевых экранов и SASE с точки зрения реализации системы управления безопасностью и применяемых подходов.

Реализация функций безопасности для традиционных межсетевых экранов и SASESASE или NGFW: что выбратьИтак, сейчас существуют разные решения для выбора: существующие NGFW и сети нового типа SASE.

В целом — везде: и в больших офисах, и в маленьких точках присутствия, а временами ещё и дома.

Достижение этого результата путём внедрения обновлённых моделей устройств NGFW в рамках эксплуатации традиционных сетевых инфраструктур …

Разбираемся, кто за что отвечает в облаке и как избежать таких ситуаций.

Один работает на стороне облачного провайдера и каждый день видит, с какими ожиданиями и заблуждениями приходят клиенты.

Помогает компаниям выстраивать облачную безопасность и ежедневно сталкивается с ситуациями, когда бизнес не до конца понимает границы своей ответственности в облаке.

Компании начинают внимательно смотреть на соглашение об уровне сервиса (Service Level Agreement, SLA), условия ответственности провайдера и собственную архитектуру.

Он определяет, что и как размещается в облаке, и принимает ключевые решения при инцидентах.

Следующая контрольная точка для банка не всегда будет общей датой для всего рынка.

Ключевые даты и контрольные точкиДата Событие Что означает для банка 1 апреля 2025 Федеральный закон № 41-ФЗ Заложена правовая основа ГИС «Антифрод».

Как устроена интеграция ГИС «Антифрод» в банкеКБ «ТехноСкор» подготовил для этой задачи готовый ГИС-адаптер.

Базовая цепочка выглядит так: ГИС «Антифрод» — СМЭВ4 — агент ПОДД банка — ГИС-адаптер «ТехноСкор» — банковские системы, ИРИС и СПР.

Схема подключения и использования сигналаГИС «Антифрод» → СМЭВ4 → Агент ПОДД банка → ГИС-адаптер «ТехноСкор» → ИРИС и СПР / антифрод банка → НСПК / СБПВ обратную сторону реакции и ответные сигналы идут тем же регламентированн…

В этой статье рассмотрим ряд бесплатных инструментов, которые можно применять для анализа безопасности сайтов на «1С-Битрикс» и Bitrix24 и других веб-приложений.

Для «1С-Битрикс» и Bitrix24 можно разрабатывать отдельные шаблоны, которые проверяют наличие служебных скриптов, публичных файлов, уязвимых компонентов и признаков конкретных уязвимостей.

Изначально я планировал только аудит сканирование, но потом подумал, почему бы и не попробовать сделать что-то под пентест - внешний скан.

BitrixProbe в режиме pentestРежим pentest предназначен для поиска публично доступных компонентов, служебных файлов, установочных и восстановительных скриптов, признаков модулей и некоторых уязвимостей, которые …

И в этом — вся статья.

Почему это не блокчейн и не очередной аудитUVS — протокол, а не библиотека, не фреймворк и не тяжёлая цепочка блоков.

Любой участник берёт seed, берёт раунд drand, берёт список — и пересчитывает результат на своей машине.

Призывникам ноября и декабря 1969 года это не помогло бы вернуть проигранную лотерею — но помогло бы оспорить её до того, как капсулы разослали по комиссиям.

А это и есть вся разница между обещанием и фактом.

Практический вывод парадоксален: сам по себе отзыв в браузере «срабатывает» не так жёстко и не так мгновенно, как пишут.

При этом важно держать дисциплину: «отзыв у MAX» и «отзыв у всех доменов VK одномоментно» — разные утверждения.

Разница не в криптографии, а в том, чей корень подписывает сертификаты и где этот корень признан доверенным.

Это реальная, а не выдуманная уязвимость — но она про мобильные приложения, а не про «весь Рунет в браузере».

Что это НЕ значит: не взлом, не сетевая блокировка, не «выключение» сервисов и не «конец Рунета».

Проблема: сотрудники «сливают» в облака чувствительные данные, которые можно грубо разделить на персональные данные и коммерческую тайну.

Защита персональных данных и коммерческой тайны при работе с облачными LLM требует многоуровневого подхода, сочетающего архитектурные, технические и организационные меры.

Конфиденциальные вычисления (Confidential Computing) : Оборудование создает «аппаратный безопасный контейнер», изолирующий модель и данные даже от облачного провайдера.

Сравните публичные LLM с публичными блокнотами — если нельзя выложить данные в открытый доступ, нельзя отправлять их и в LLM.

Юридические гарантии : Включайте в договоры с провайдерами пункты о неиспользовании данных для …

Все были настроены по-дружески и с готовностью уделяли своё время новичкам, делясь знаниями о технологиях и внутренних процессах компании.

И на сей раз рядовых сотрудников в компании не то, что не спросили, эту информацию даже не довели до их сведения.

Преднамеренное нанесение вреда людям никак не укладывается в моё мировоззрение, и участвовать в этом я не желаю.

И я очень надеюсь, что руководство Google всё же встряхнёт и восстановит свой моральный компас.

В Google же я по большей части выступал стратегическим советником и управленческих задач почти не решал.

Разбираемся, что известно о Mythos, почему власти США вмешались в доступ к модели и что эта история значит для российского рынка.

Правительство США выпустило директиву, по которой Anthropic должна приостановить доступ к моделям Fable 5 и Mythos 5.

Что известно о защите Fable 5 и Mythos 5Anthropic утверждает, что перед запуском Fable 5 провела масштабное тестирование защитных механизмов.

Что это значит для российского рынкаДля России история с Mythos 5 важна не только как новость о зарубежной ИИ-модели.

Это важный сигнал, что модели становятся достаточно сложными, чтобы их обсуждали не только инженеры и исследователи, но и государственные органы, банки, регуляторы и службы национальной безоп…

Важно: это не антивирусная программа в привычном понимании.

Она не имеет ни базу данных антивируса и не ищет, например трояны.

И я подумал сделать такую программу, что она будет как Simple Unlocker, но при этом помимо автоматического поиска ограничений будет ещё и поиск других угроз.

Так размер файла стал 26 МБ и это был успех!

Именно поэтому я и создал Threatbit Simple ScannerВид самой программыЧто умеет Threatbit Simple Scanner?

В ответ маркетплейсы и геосервисы перестали анализировать исключительно сам текст и переключились на графовый анализ.

Маркетплейсы редко удаляют фейковые отзывы в момент публикации, предпочитая отправлять скомпрометированные товары в теневой бан (shadowban).

После этого фильтры начинают браковать и удалять даже настоящие отзывы от реальных клиентов, перестраховываясь от новых волн накрутки.

Стоит ли накручивать отзывы в 2026 году?

Сталкивались ли вы как разработчики или селлеры с жесткими алгоритмическими ошибками, когда маркетплейсы или геосервисы несправедливо удаляли настоящие отзывы от реальных клиентов?

Командные инъекции дают выполнить или обойти команды ОС через пользовательский ввод, и это, по словам Георгия, просто ужас.

Изолируем сервер от прямого доступа хорошо сконфигурированным reverse-proxy и не принимаем нестандартные заголовки вроде Transfer-Encoding: chunked, gzip , которые ломают логику.

Для SPA и API токен держим в памяти и не кладём в localStorage .

Мушкетёрский набор: инструменты локального анализаКуча уязвимостей и куча проблем, как с этим жить.

Да, язык структурный, понятный и неплохо защищён, и всё же безопасность это не только код, это культура.

Они не заменяют юриста, не определяют за оператора состав персональных данных и не создают автоматически корректные документы.

Их задача — дать воспроизводимый серверный контур для документов, редакций, статусов, истории действий, пользовательского выбора файлов cookie и выгрузки данных.

django-cookies-152fz не требует django-consent-152fz , не импортирует его модели и не использует его жизненный цикл согласий.

Модуль файлов cookie — не только окно с кнопкой «Принять»Окно выбора файлов cookie обычно воспринимают как небольшой элемент интерфейса с кнопками «Принять» и «Настроить».

Реестр файлов cookie и подключённых сервисов: категория, поставщик, стратегия очистки и статус активности.

А что если сервер (или тот, кто его взломал) вместо настоящего ящика вашего устройства подсунет свой?

А "не туда" подсунул именно тот, кому мы вроде как не должны были доверять, мой сервер.

Подмена ключа автоматически сбрасывает доверие - это не баг, это и есть защита.

Честно о том, чего ещё нетКак и в прошлый раз - про минусы сам, без прикрас:Сверка ручная.

Я не заставляю это делать насильно, но честно: это инструмент, а не автоматический щит.

Исследователи установили, что драйвер внедряет в целевые программы специальный блок инструкций для сопроцессора (FPU), который систематически искажает арифметические операции с плавающей запятой.

Даже минимальные, но воспроизводимые ошибки в расчётах могли привести к:Замедлению научных исследований;Деградации инженерных систем;Катастрофическим сбоям в критической инфраструктуре.

Теперь представим, что вредоносный код не ломает саму программу, не вызывает падение процесса и не оставляет заметных следов.

Перед установкой вредонос проверял наличие антивирусного ПО по списку из 18 продуктов (включая Symantec, Kaspersky, Zone Labs), что свидетельствует о высоком уровне осведомлённости операторов…

Глушение — это не настройка, это создание слепой зоны.

Между «правило слишком чувствительное» и «правило выключено» есть огромная разница, и в первом случае вы хотя бы видите сигнал.

Добавление людей просто распределяет страдание на большее число человек — корень в архитектуре потока алертов, а не в нехватке рук.

Шумные детекторы уходят в задачу на тюнинг, а не в mute; выключенных «чтобы не фонило» правил нет.

Минимальный объём автоматической проверки одинаков для всех алертов и не зависит от severity и усталости дежурного.

ПроблемаДаже на self-hosted сервере синхронизация состояния (например, какие чаты в избранном и в каком порядке) между телефоном и ноутбуком обычно всё равно идёт через сервер.

Не нравилось другое: ради локальной задачи («два устройства в одной квартире») трафик гоняется через сервер, который держишь совсем для другого.

WardLink делает это напрямую между устройствами по LAN, без сервера в петле для этой конкретной задачи.

Синхронизация pull-based: каждая сторона независимо запрашивает у пира манифест (какие сообщения и чаты есть у него), сравнивает со своим состоянием и подтягивает недостающее.

Большие медиафайлы передаются стримом, AES-GCM кадрами по 256KB, без base64 и без загрузки файла …

В новый печатный номер войдут лучшие статьи, опубликованные на сайте за прошедший квартал.

Тебя ждут три нестандартных материала, посвященных роутерам и сетям, и многое другое.

Обрати внимание, что по мере приближения к релизу стоимость будет расти.

Предыдущие номераЕсли ты пропустил выход первого и второго ежеквартальных номеров «Хакера» за 2026 год, у нас хорошие новости — эти журналы уже отпечатаны и хранятся на нашем складе.

Покупая ежеквартальный номер, ты не только получаешь тщательно собранный и отредактированный журнал, но и помогаешь проекту жить и развиваться дальше.

Исправление устранило опасную уязвимость, которая позволяла атакующим подслушивать разговоры пользователей, находясь в зоне действия Bluetooth.

Как сообщили в компании, проблема затрагивала устройства, которые еще не были сопряжены с другим оборудованием и находились в режиме ожидания запросов на подключение.

В таком состоянии злоумышленник мог получить доступ к микрофону и прослушивать происходящее рядом с жертвой.

Прошивка распространяется автоматически, когда наушники находятся рядом с сопряженным iPhone, iPad или Mac.

Хуже того, инициированный атакующими звонок позволял «подслушивать разговоры и звуки в пределах слышимости микрофона устройства».

Исследователи из компании Socket обнаружили 152 вредоносных расширения для Chrome, замаскированных под живые обои для новых вкладок.

Расширения собирали данные пользователей и, вероятно, использовались для мошенничества с рекламным трафиком.

Изначально внимание экспертов привлек тот факт, что в описаниях расширений в Chrome Web Store утверждалось, будто они не собирают и не используют данные пользователей, однако в политике конфиденциальности сообщалось об обратном.

Другой трюк был связан с удалением: в момент деинсталляции некоторые расширения отправляли специальный запрос через инфраструктуру Google, используя google.com/url.

Также исследователи обнаружили в коде расширений неактивную фун…

А глав­ное, изме­нить мож­но будет что угод­но и в любой момент без стра­даний с деп­лоем.

Давай опро­буем ее на при­мере, и ста­нет понят­но, при­мени­мо ли это в жиз­ни.

Что­бы его запус­тить, прос­то нажима­ешь «Publish Beta» — и через нес­коль­ко минут смот­ришь, что появи­лось в чате.

Если у тебя ноч­ные сбор­ки и еже­недель­ные бета‑релизы, то мож­но вооб­ще всё авто­мати­зиро­вать и обой­тись без мес­сен­дже­ров.

Как он понима­ет, для какого про­екта приш­ла коман­да и в какой канал слать уве­дом­ление?

Новый вредонос DragonForce написан на Go и использует протокол TURN (Traversal Using Relays around NAT), который Microsoft Teams применяет для доставки сообщений клиентам, когда прямое соединение установить невозможно.

Схема выглядит следующим образом: бэкдор получает анонимный visitor-токен Teams через инфраструктуру Microsoft, использует легитимный TURN-релей для установки соединения, а затем открывает QUIC-сессию с настоящим управляющим сервером атакующих.

В итоге защитные решения обнаруживают только обращения к серверам Microsoft Teams, но не замечают, что через этот канал проходит вредоносный трафик.

Исследователи отмечают, что в прошлом году специалисты компании Praetorian продемонстр…

Специалисты Cisco выпустили патчи для уязвимости CVE-2026-20262 в Catalyst SD-WAN Manager (ранее SD-WAN vManage).

С начала 2026 года это уже восьмая уязвимость в продуктах Cisco SD-WAN, которую злоумышленники использовали в реальных атаках.

Catalyst SD-WAN Manager применяется для централизованного управления инфраструктурой SD-WAN и способен обслуживать до 6000 устройств через единую консоль.

Следует отметить, что в начале июня разработчики Cisco уже предупреждали о другой уязвимости нулевого дня в SD-WAN (CVE-2026-20245), которая также позволяла получить root-доступ на уязвимых устройствах.

По данным CISA, с начала года CVE-2026-20262 стала уже восьмой уязвимостью в Cisco SD-WAN, использов…

Злоумышленники нацелились на бухгалтеров компаний и заражают их машины малварью DarkWatchman, чтобы затем использовать доступ к системам дистанционного банковского обслуживания (ДБО) для хищения денег.

Основные цели группы — финансовые подразделения компаний, и помимо российских организаций среди жертв группы присутствуют как минимум шесть компаний из Беларуси (из сфер телекома, промышленности, торговли и так далее), три — из Казахстана (интернет-магазины и предприятие химической промышленности) и еще одна компания из Узбекистана (производитель напитков).

По данным специалистов, в феврале и марте текущего года злоумышленники разослали вредоносные письма более чем в 3000 российских компаний …

Разработчики F5 выпустили внеплановые патчи для двух критических проблем в NGINX, которые при определенных условиях позволяли удаленно выполнить произвольный код.

Уязвимости получили идентификаторы CVE-2026-42530 и CVE-2026-42055, а также набрали по 9,2 балла по шкале CVSS.

В обоих случаях успешная атака приводит к аварийному завершению рабочего процесса NGINX и его перезапуску.

Уязвимости представляют опасность для NGINX Open Source, NGINX Plus, NGINX Gateway Fabric, NGINX Instance Manager, NGINX Ingress Controller и ряда дополнительных продуктов экосистемы.

Исправления для проблемы CVE-2026-42530 вошли в состав NGINX Open Source 1.31.2 и NGINX Gateway Fabric 2.6.4, тогда как патчи для CVE…

Малварь распространяется через сайты, которые маскируются под страницы для загрузки популярных приложений вроде Chrome и TikTok.

По данным исследователей, вредонос нацелен как минимум на 217 банковских и криптовалютных приложений и оснащен набором из 137 команд для удаленного управления зараженным устройством.

Для этого вредонос проверяет наличие на устройстве целевых приложений и загружает для них соответствующие фишинговые шаблоны.

Для слежки за пользователем Rokarolla не использует стандартный механизм записи экрана через MediaProjection, так как это приводит к отображению заметного предупреждения.

Также троян использует несколько резервных C&C-доменов, что затрудняет блокировку инфрастр…

Спустя неделю после публикации эксплоита для уязвимости RoguePlanet специалисты Microsoft подтвердили наличие проблемы, присвоили ей идентификатор CVE и сообщили, что уже работают над созданием исправления.

Напомним, что вскоре после выхода июньских патчей информацию о 0-day-уязвимости RoguePlanet и PoC-эксплоит для нее опубликовал исследователь Nightmare Eclipse (он же Chaotic Eclipse).

После раскрытия информации о RoguePlanet представители Microsoft заявляли, что изучают сообщения о новой уязвимости и проверяют возможность ее практической эксплуатации.

При этом в Microsoft не упомянули Nightmare Eclipse как автора находки.

Еще весной специалист пообещал раскрывать новые 0-day-уязвимости п…

По сути, в этой статье мы раз­берем необыч­ный слу­чай реали­зации защиты, осно­ван­ной не на баналь­ном срав­нении серий­ного номера, а на рас­шифров­ке дан­ных с помощью регис­тра­цион­ного клю­ча.

Как ты уже догадал­ся, это слу­чай, ког­да у хакера не хва­тает какой‑то клю­чевой информа­ции, жиз­ненно важ­ной для пол­ноцен­ной работы прог­раммы.

Единс­твен­ным опти­мис­тичным момен­том мож­но счи­тать то, что код един для всех поль­зовате­лей и никак не при­вязан к компь­юте­ру.

Попут­но находим прос­тень­кую валида­цию вве­ден­ного клю­ча для его записи в реестр при зак­рытии регис­тра­цион­ной фор­мы.

RandSeed , умно­жает его на кон­стан­ту 134775813 и при­бав­ляет 1 .

Представители хак-группы заявляют, что похитили у компании более 2,2 млн записей с персональными данными клиентов и внутренней информацией. Однако в Kodak сообщили, что атака затронула лишь «ограниченный объем» данных, и пока расследование инцидента продолжается.

Исследователь из компании Positive Technologies Сергей Тарасов обнаружил две уязвимости нулевого дня в компоненте Desktop Window Manager (DWM). Обе проблемы позволяли локальному атакующему повысить привилегии до уровня SYSTEM и фактически получить полный контроль над устройством. Инженеры Microsoft уже выпустили исправления для всех затронутых версий Windows.

ИБ-специалисты сообщают, что в сеть попала одна из крупнейших известных подборок учетных данных для устройств Fortinet.

Исследователи пишут о 73 000 скомпрометированных устройств по всему миру, а среди пострадавших организаций фигурируют Samsung, Foxconn, Comcast, AT&T, Mercedes-Benz, Toyota, Chevron и другие компании.

По оценкам исследователей, база содержит сведения о 73 932 уникальных URL-адресах устройств из 194 стран и затрагивает 21 632 домена.

ИБ-специалист Кевин Бомонт (Kevin Beaumont) независимо проверил часть данных и подтвердил их достоверность.

По его мнению, данные больше похожи на экспортированные конфигурации устройств Fortinet, так как содержат сведения, которые обычно досту…

В продаже доступно переработанное и дополненное издание книги Дмитрия Агарунова, основателя медиакомпании Gameland и журнала «Хакер».

Но он может изменить то, как он на них реагирует.

Книга рассказывает о том, как принимать сложные решения, сохранять устойчивость в периоды неопределенности, учиться новому и искать точки роста там, где другие видят только проблемы.

Отдельная часть книги посвящена истории «Хакера» и рассказу о том, как Gameland запускала нишевые медиа, как хакерское сообщество стало частью бизнеса, и одни проекты закрывались, а другие выживали.

Издание 2026 года существенно переработано и дополнено по сравнению с первой версией книги, которая разошлась тиражом в 3000 бумажных…

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.

"This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permission_callback that unconditionally returns true, allowing any unauthenticated visitor to access it," Wordfence said.

"As with all sensitive information exposure vulnerabilities, the impact depends on what data is exposed," Wordfence added.

A patch for the vulnerability has been released in version 2.1.5 of the plugin.

It's also advised to review server log files for requests originating from the aforementioned IP addresses for any suspicious requ…

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips.

With that setup, the exploit finishes in under two seconds, before Apple's signed boot chain loads.

What makes this exploitable on A12 and A13 is how Apple configures the USB DART (Device Address Resolution Table, the chip's IOMMU) inside SecureROM.

On affected devices, it runs in bypass mode, so the underflowing DMA pointer can reach and overwrite arbitrary SRAM.

No Software PatchThe closest public precedent is checkm8, the 2019 SecureROM exploit that permanently put A5-through-A11 devices outside Apple's patch …

This mature portfolio of EDR-terminating tools is centered around a framework that's known as GentleKiller.

"These tools are standardized through a shared defense-evasion layer, impersonating predominantly security vendors using fake version information, and copied legitimate certificates and icons."

GentleKiller specifically looks for 400 processes associated with 48 distinct security programs from a number of vendors.

It allows The Gentlemen operators to integrate abused drivers into their toolset very soon after an EDR killer PoC is disclosed."

"While most ransomware gangs continue to delegate EDR killing to affiliates, Gentlemen has chosen to centralize this function by offering affilia…

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution.

The flaw sits in AutoGen Studio, the open-source prototyping interface for Microsoft Research's AutoGen multi-agent framework.

There is still no PyPI build carrying the main-branch hardening for them; the fixed code is in GitHub main at commit b047730.

Put together, a page on the open internet, rendered by a local agent, could run an attacker-chosen command under the account running AutoGen Studio.

If they have to run together, isolate them in separate containers or VMs and run AutoGen Studio under a low-privilege account.

As part of the effort, 106 servers linked to SocGholish have been taken down and 14,971 WordPress sites have been rid of the infections.

It's distributed via compromised websites by masquerading as deceptive updates for web browsers like Google Chrome or Mozilla Firefox, and other popular software.

"The actor has also compromised websites in virtually every industry, from nonprofits and schools, to healthcare and hospitals, to legal and real estate organizations."

DNS threat intelligence firm Infoblox described SocGholish as a multi-stage JavaScript framework that converts compromised websites into drive-by download malware delivery vehicles.

Data from Infoblox shows that approximately 55% …

The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed.

The fully-automated attack is built around a self-sustaining, two-step approach -The threat actor attempts a curated list of leaked Fortinet passwords against devices across the internet.

"However, when upgrading from earlier versions, existing administrator passwords remain stored as SHA-256 hashes until the corresponding administrator successfully logs in following the upgrade."

"As a result, many organizations likely continue to store administrator credentials using older SHA-256 with Salt hashing mechanisms."

Ensure use of the Password-Based Key Derivation Function 2 (PBKDF2)…

Gartner's Continuous Threat Exposure Management (CTEM) framework helps this shift from reactive, point-in-time assessments to a continuous, iterative cycle of scoping, discovery, prioritization, validation, and mobilization.

What "Agentic" Actually Means and Why It Matters NowThe term "AI" has become so overloaded in security marketing that it's worth being precise about what agentic AI actually means in this context.

Agentic AI acts.

Agentic AI to Operationalize CTEM and Proactive SecurityAn Agentic threat management architecture is what makes the difference between a CTEM framework that lives in a strategy document and one that runs continuously in the background.

The session will cover:W…

Shadow AI has shifted from a data leakage concern to an access control problem.

The threat isn't about what employees type into AI tools.

From passive tools to active actorsEmployees and business units are building AI agents at a pace most security teams can't keep track of.

A custom AI agent connected to Salesforce, Snowflake, GitHub, Gong, and Slack is an access control incident waiting to happen.

Here are six questions to define whether security teams have real control.

"This issue is limited to Klue's app connection and does not arise from a vulnerability within the Salesforce platform."

The development comes as an extortion group dubbed Icarus compromised and exfiltrated data from customers of Klue, including cybersecurity company Huntress.

"The data that was copied from our Salesforce account includes business contacts, price quotes, and other sales-related data and messaging," Huntress said.

"No threat data, passwords, payment card information, or engineering data relating to the Huntress agent or telemetry we collect was affected."

"The attacker used that access to obtain OAuth tokens used to connect Klue with certain third-party platforms, including …

Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.

"The exploit leverages both a hardware bug in the USB controller and a specific configuration flaw present in the device firmware," the European cybersecurity company said.

At a high level, the exploit works by leveraging a flaw in the USB controller built into Apple SoCs.

The problem, Paradigm Shift noted, is likely rooted in the USB controller hardware itself, not in Apple's software.

"On A12 and A13, USB DART is configured in bypass mode, allowing us to overwrite SRAM data freely.

F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems.

The vulnerabilities are listed below -CVE-2026-42530 (CVSS v4 score: 9.2) - A use-after-free vulnerability in the ngx_http_v3_module that could be triggered by a remote unauthenticated attacker when NGINX Open Source is configured to use the HTTP/3 QUIC module to reopen a QPACK encoder stream by means of a specially crafted HTTP/3 session, and execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR.

(CVSS v4 score: 9.2) - A use-after-free vulnerability in the ngx_http_v…

AI chat links turned into malware delivery paths.

Add exposed edge gear, poisoned packages, cash courier scams, stealers, loaders, and phishing that barely bothers pretending anymore.

The browser extension, the AI chat link, the OAuth flow, the coding agent, the package install, and the “known good” cloud helper.

Treat packages like code execution.

Treat links from trusted platforms like links, not proof of safety.

Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026.

"The execution of this clipper is notable because it does not depend on a traditional installer or exposed IP-based C2 infrastructure.

Clipper malware refers to a type of malicious software that silently monitors a user's clipboard and intercepts sensitive data pasted into the short-term buffer.

The worm component, besides ensuring propagation to other uncompromised USB drives, deploys scheduled tasks as a form of persistence for both the worm component and the stealer component.

"It also hijacks cryptocurrency addresses by replacing copied wallet values with attac…

Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 victims since August 2023.

"The disruption of LockBit and the shutdown of BlackCat created opportunities for INC to expand as affiliates migrated to alternative ransomware operations," Acronis researcher Darrel Virtusio said.

"United States organizations account for more than 65% of listed victims, with legal services, manufacturing, construction, technology and health care among the most targeted sectors."

"INC ransomware affiliates utilize a diverse range of tools and techniques in targeting vi…

Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to conceal command-and-control (C2) traffic inside Microsoft Teams relay infrastructure.

"To network defenders, the only traffic they could see was outbound connections to legitimate Microsoft Teams servers.

The development marks the first publicly documented instance of the threat actors abusing Microsoft's Traversal Using Relays around NAT (TURN) relay infrastructure.

"The backdoor requests a visitor token from the Microsoft Teams/Skype backend, uses that token to interact with Teams-associated infrastructure (TURN relay), and then establishes…

The group distinguishes itself through a mature, operator-maintained set of endpoint detection and response (EDR) killers, i.e., tools for disrupting security software.

In this blogpost, we share our findings on Gentlemen’s suite of EDR killers gained through extensive research and corroborated by the recent leak.

Third‑party EDR killers (HexKiller, ThrottleBlood, and HavocKiller) are operationally integrated.

Rather than relying on affiliates to source their own EDR killers, Gentlemen operators actively develop and maintain a portfolio of EDR killers for affiliates.

It allows the Gentlemen operators to integrate abused drivers into their toolset very soon after an EDR killer PoC is disclos…

Of course, connecting production systems to enterprise networks delivers tangible benefits, but the security implications – that systems once safe were suddenly no longer so – arrived more quietly.

Start by mapping which systems in an environment are connected and have no security coverage, where IT and OT networks intersect, which segments are unmonitored, and which production systems have fallen outside any vendor support agreement.

Meanwhile, off-the-peg security tools often don’t efficiently meet the enterprise requirements in legacy OT systems that run on older hardware and outdated operating system versions.

The production systems running that version continue to operate for years, ac…

Key points of this blogpost: We discovered two previously undocumented Windows variants of FishMonger’s SprySOCKS backdoor.

Technical analysisIn this section, we provide a technical analysis of these new, Windows variants of FishMonger’s SprySOCKS backdoor.

Figure 3. klelam00007.bat setting up persistence for the SprySOCKS backdoor (newlines added for readability)Figure 4 depicts the execution chain of the SprySOCKS WIN_DRV variant.

It contained the SprySOCKS backdoor and the SprySOCKS loader.

6490B8E4AADE25A3EE2D A9A47F312DB2122470BC X1B5206BDC1 743DD.dat Win64/SprySOCKS.A Encrypted container of the encrypted WIN_DRV variant of SprySOCKS backdoor, encrypted SprySOCKS RawWNPF and SprySOCKS …

Instead, attackers get the victim to complete a legitimate authentication process – including two-factor authentication (2FA) – on a real Microsoft login page.

What makes EvilTokens dangerousThe OAuth device code flow was designed for devices that may be awkward to sign into directly, such as smart TVs or printers.

No document, invoice, email, or another platform should ask for a device code without a clear reason.

A real Microsoft page doesn’t automatically make a request safe.

Sometimes the attacker could ask them to enter a real code on a real page – but for the wrong device.

During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations while placing increasing emphasis on domestic espionage.

We identified two distinct campaigns involving the SPECTRALVIPER backdoor: a supply-chain attack targeting stock investors in Vietnam and a prolonged espionage operation against a Vietnamese infrastructure and transport construction company.

The domain resolved to the genuine IP address of the FireAnt update server, suggesting a supply-chain compromise scenario.

LTD 2025‑09‑20 SPECTRALVIPER C&C server.

]com IRT‑CHOOPALLC‑AP 2025‑09‑20 SPECTRALVIPER C&C server.

But that realization alone clearly doesn’t prepare them to withstand an attack.

Have the repeat victims come to view their brushes with cyber-incidents as proof of “what doesn’t kill me makes me stronger”?

For all the talk around AI, automation and attacker sophistication, many SMB breaches still begin with a familiar opening.

A total of 71% of SMBs globally now carry cyber insurance, rising to 84% in North America, with adoption climbing sharply among repeat victims.

While “when, not if” has never been more true, that alone doesn’t prepare a business for adversity.

There’s a phrase that is peddled out by governments and companies alike when a catastrophe of any type – including a cybersecurity breach – occurs: “Lessons have been learnt”.

The 130% increase in significant incidents between 2024 and 2025 severely challenges this assertion and points to lessons not being learnt, at a macro level.

In fact, this reluctance to look could also be normalcy bias quietly doing its work.

That is why this metaphor matters – cybercriminals discover the gap between what an organisation believes about its security and what the reality is.

We must accept that normalcy bias exists and act upon it.

Our kids are exposed to many of the same identity, privacy, and data security risks as their parents.

Why do people want my kids’ data?

But when they do finally flag fraud, the impact on your child’s credit history can be severe.

Apply for a credit freeze for your child’s identity with all three major credit bureaus.

Keeping your child’s identity safe should not be about restricting their digital world.

Here's some of what caught Tony’s attention in May 2026:Poland’s Internal Security Agency (ABW) has released information about cyber-intrusions into ICS (industrial control systems) at five water treatment facilities in the country in 2024 and 2025.

The two main attack vectors – weak passwords and systems exposed directly to the internet – were the same as those used in attacks against the Polish energy sector that leveraged DynoWiper described by ESET researchers here.

What are some key mitigation steps against attacks targeting OT systems?

How do scams crypto ATMs work and how to stay safe?

Learn this and more in Tony's video and be sure to check out the April 2026 edition of Tony's month…

ESET APT Activity Report Q4 2025–Q1 2026 summarizes notable activities of selected advanced persistent threat (APT) groups documented by ESET researchers from October 2025 through March 2026.

During the monitored time frame, China-aligned threat actors remained highly active worldwide, conducting espionage campaigns shaped in part by geopolitical developments affecting Beijing’s economic and security interests.

The war in Iran that began in late February 2026 was the defining event for Iran-aligned activity during this period.

Russia-aligned threat actors continued to focus overwhelmingly on Ukraine and entities connected to the country’s defense efforts.

Intelligence shared here is based m…

Alongside a number of freely available AI chatbots, major technology companies have moved into consumer-facing health AI with the launches of services such as Copilot Health, ChatGPT Health, and Amazon’s HealthAI that models help users interpret their medical records and ask questions about their symptoms, lab results and treatment options.

Misuse of AI chatbots in general is now the number one health technology hazard out there, according to one US patient safety organization.

Your health data is not like a stolen credit card that can be frozen while the details are replaced and reissued.

Even so, people should be cautious: health data is unusually sensitive, and anonymization doesn’t alwa…

Our recent review of threat detections in Brazil surfaced BTMOB, an Android remote access trojan (RAT) that is less notable for detection volume than for the damage it can wreak.

BTMOB at a glanceFirst described in February 2025, BTMOB has evolved from the SpySolr malware.

BTMOB APK creation toolHow does BTMOB spread?

For example, researchers Johnk3r and Merl recently spotted campaigns that spread BTMOB while impersonating Argentina’s tax and customs authorities.

ESET products detect the primary tool as MSIL/BtmobRat, while related Android variants trigger detections such as Android/Spy.Agent.EED, Android/Spy.Agent.EIJ and Android/Spy.Agent.EIK.

Many soccer fans may still be hunting for tickets, merchandise, travel and hospitality packages – and scammers know exactly how to exploit this demand.

]shop, uses a domain that looks close enough to FIFA and the 2026 World Cup to catch a hurried visitor.

Fake site impersonating the official FIFA World Cup 2026™ websiteThe trickery doesn’t stop there, however.

Official FIFA World Cup 2026™ websiteBut back to the fake website – here’s what happens if you want to “purchase” tickets or merchandise.

The countdown to the World Cup gives criminals a ready-made audience: countless people hunting for tickets, merchandise and various last-minute opportunities.

Discord and Microsoft Graph API C&C communicationIn 2025, Webworm started abusing Discord and Microsoft Graph API for C&C communication.

]com/anjsdgasdf/WordPress, which acts as a file stager for other tools and malware used by Webworm (one such tool used the compromised Amazon S3 bucket mentioned above).

WormFrpWormFrp is a proxy tunneling tool inspired by the existing fast reverse proxy (frp) utility that Webworm also uses.

ChainWormChainWorm is another custom proxy tool used by Webworm operators.

FilesSHA-1 Filename Detection Description CB4E5043333670738142 9707F59C3CBE8D497D98 SearchApp.exe WinGo/Agent.ZK EchoCreep backdoor using Discord for C&C.

Europe’s push for tech sovereigntyIn Europe, calls for greater tech sovereignty – the ability to choose and act independently, autonomously, and securely – have become almost deafening.

Over the last year in the EU, several groups of countries have coalesced around more or less political approaches to tech sovereignty.

This is where the EU’s enhanced focus on ICT supply chain security comes into foreground complementing the initiatives specifically aimed at tech sovereignty.

In response to growing demands for national tech sovereignty and protection of local competitiveness in various regions around the world, several US tech firms have begun offering “sovereign” solutions tailored to forei…

AI vulnerability discovery is pushing 2026 CVEs toward 66,000Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year.

What happens to oversight when AI agents write a lab’s own codeInside the labs building frontier AI, a growing share of the coding gets done by the AI itself.

Because these resources are often isolated in separate systems, agents have limited ability to discover and connect to capabilities outside their own environment.

But now, the same principle applies to non-human entities: machines, APIs, bots, and increasingly, AI agents.

How security teams are getting credential visibility into developer endpointsAttackers increasingly targ…

Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools.

Huntress said the attackers made off with business contacts, price quotes, and other sales-related data and messaging, but not threat data, passwords, payment card information, or engineering data relating to the Huntress agent or telemetry.

The company has shared indicators of compromise and recommended other Klue customers review logs, request access records from affected vendors, and consider revoking active sessions tied to the compromised integrations.

Salesforce cuts off Klue appOn Wednesday, …

A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and gambling tools appear trustworthy, Check Point researchers found.

According to the researchers, the attackers packaged the malware as tools designed to help users make money.

The same tools were promoted through a YouTube channel featuring AI-generated narration, and some malware samples received favorable votes and comments describing them as safe on VirusTotal.

“The actor appears to operate at least six GitHub accounts to promote and distribute his malicious software.

YouTube tutorials and news-site promotionThe attac…

CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal civilian agencies to apply mitigations by June 21, 2026.

“In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint,” Splunk explained in the security advisory for CVE-2026-20253, published on June 10, 2026.

The PostgreSQL sidecar service is responsible for database backup and recovery operations, and the vulnerability is caused by the PostgreSQL sidecar service endpoint having no authenticatio…

Google has introduced hand gesture verification for reCAPTCHA, a new method for verifying that a user is human.

Google’s reCAPTCHA is part of Google Cloud Fraud Defense, a fraud and abuse prevention platform for bot, account, and transaction protection.

How hand gesture verification worksWhen the hand gesture feature is enabled, reCAPTCHA analyzes one or more videos of a user’s hand as they perform prompted gestures.

Hand gesture verification requires camera access and prompts users to perform specific gestures.

Users who cannot complete hand gesture verification because of accessibility needs can continue using reCAPTCHA’s visual and audio challenges.

The 4.6 release centers on a feature called Collections, along with reworked profiles, email newsletters, server administration controls, and a set of accessibility changes.

Each user controls which collections their own profile appears in.

Your collections will also be available on your own Mastodon profile, under the Featured tab.

In the future, we are planning to introduce some ways to browse and discover popular collections,” the Mastodon team said.

The “Featured” tab that shows collections and featured profiles can also be turned off.

Android’s developer verification protections will take effect on September 30, 2026, starting with users in Brazil, Indonesia, Singapore, and Thailand.

Google introduced Android developer verification last year and launched app registration in March, linking apps to verified identities.

The Android Developer ID Status API will launch globally in July 2026, while early access for the Android Developer Console API will begin the same month.

Google will open early access to limited distribution accounts in Android Developer Console.

Limited distribution accounts and the Android Developer Console API will launch globally in August 2026.

Dragos’ OT threat detection, trusted vendor-neutral platform and proprietary dataset will be enhanced through the acquisitions of runZero and NetRise.

Combining Dragos with runZero and NetRise will deliver a unified solution that enhances visibility, accelerates threat detection and response and strengthens Dragos’ ability to scale adoption of its broadened platform.

As geopolitical and AI-driven threats accelerate, most cybersecurity budgets remain focused on IT, leaving critical infrastructure xOT environments exposed.

These acquisitions are expected to meaningfully expand Accenture’s position in the OT cybersecurity market from services, where Accenture is already an established leader i…

BlackFog has announced the general availability of ADX Vision for macOS, extending its shadow AI detection, governance, and prevention platform to Apple endpoints.

BlackFog’s research shows that most employees now use AI tools in their daily work, however nearly half, 49%, use tools without employer approval.

The launch of ADX vision for macOS marks the third major exfiltration threat addressed through BlackFog’s endpoint-native architecture.

The same on-device protection model that has disrupted ransomware double extortion since 2019 has now been extended to shadow AI.

Our answer has always been the endpoint; it was true for ransomware and it’s something that holds up across the threats fr…

Drops run inside ordinary browser tabs and keep encrypted chunks in IndexedDB, the storage built into web browsers.

Magarshak presents this combination of random-access decryptable streaming and per-segment access control as new among encrypted storage networks.

He identified the open piece as the relay path, where a routing server covers gas for a storage node and needs session-key signing wired in.

Under these terms a storage node learns nothing from the ciphertext, a node cannot return altered bytes without detection, and a node that claims storage it lacks fails the challenge.

The encryption, storage, routing, and payment layers can be audited and run without Safebox involved at all,” h…

Many large enterprises discard most of the log data their systems generate, and they do it on purpose to keep costs down.

That choice carries a security cost of its own.

When an organization conducts cyber forensics or runs a security investigation, log data is among the first things it reaches for.

AI agents write logs and read them, which turns log data into a shared language between software and the people running it.

The people deleting logs and the people who need them during an incident are frequently different people, measured against different goals.

Criminal groups target businesses, governments, and individuals through online fraud, ransomware, phishing campaigns, and credential theft.

“The Asia and South Pacific region is home to some of the world’s fastest-growing digital economies – and, increasingly, some of its most determined cybercriminals.

Online fraud operations grow in scaleOne of the most significant developments is the industrialization of online scam operations.

These operations generate close to $40 billion annually through investment fraud, romance scams, and other forms of online deception.

These campaigns often serve as the entry point for financial fraud, account compromise, and malware deployment.

Here’s a look at the most interesting products from the past week, featuring releases from ArmorCode, Barracuda Networks, Blue Planet, Flip, Fortinet, Legit Security, Tigera, and WitnessAI.

ArmorCode helps product manufacturers prepare for EU Cyber Resilience Act requirementsArmorCode has announced new Cyber Resilience Act (CRA) capabilities within the ArmorCode Agentic AI Platform.

Tigera introduces unified control plane for Kubernetes-based AI agent securityTigera has announced the general availability of Tigera Lynx, a unified control plane for Kubernetes-native AI agents.

WitnessAI Agentic Control secures AI agents, tools, and MCP server accessWitnessAI has announced extended agentic se…

The result of this most recent multinational law enforcement action was announced today by the Dutch National Police and on the operation’s website.

How SocGholish infects victimsMore often than not, SocGholish copromises legitimate WordPress sites and injects them with a highly obfuscated JavaScript.

“As our own analysis shows, nearly 55% of the customer networks in our dataset attempted to reach SocGholish infrastructure during a five-month period.

Advice for WordPress site ownersAccording to Infoblox, TA569 usually compromises websites themselves, but also accepts traffic from affiliates.

This latest Operation Endgame-related action included notifying the owners of the compromised WordPr…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Anthropic’s Fable and the State of AIOn June 9th, Anthropic released its Fable generative AI model.

Fable is the constrained version of Mythos, the AI model Anthropic announced in April.

Fable is just another incremental improvement in the years-long climb of AI capabilities.

But just as important as the AI model is the “harness.” This is typically not AI.

To an AI model, constraints are just things to get around and not general truisms about the world.

At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis.

Details:The _index.js payload begins with a large JavaScript block comment containing fake system instructions and policy-triggering content.

The real malware begins after the comment with a try{eval(…)} wrapper around a large character-code array and a ROT-style substitution function.

In weak pipelines, this can cause refusal behavior, prompt confusion, context pollution, or premature classification before the scanner reaches the actual malware.

YARA rules, entropy checks, AST parsing, string extraction, deobfuscation, and behavioral rules still w…

The office of management and budget (OMB) disclosed a staggering 3,611 active or planned use cases for AI across the federal government.

The Department of Energy is testing the use of AI to control nuclear reactors, targeting a way to autonomously respond to potential nuclear safety incidents.

In some cases, like the HHS system, the AI might be enforcing alignment to a policy prescription that opponents abhor.

The use of predictive methods and statistics to assign prisoner security classifications goes back decades, even if such systems are often biased and ineffective.

What matters are the details of how the AI system is used, and here the inventory is severely lacking.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person.

The FCC plans to do this by legally forcing the country’s telecoms to store a wealth of personal information about essentially all phone customers, including a government issued identification number and their physical address, alarming privacy advocates and civil rights activists who compare the measures to those from authoritarian countries where it can be difficult to buy a mobile phone plan without giving up your identity.

The proposed change would drastically shake up how people obtain phone plans in the U.S., and have all sorts of privacy and cybersecurity knock-on effects.

The…

Upcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak:The list is maintained on this page.

Posted on June 14, 2026 at 12:07 PM • 0 Comments

Friday Squid Blogging: Squid-Inspired Fluid PumpThis fluid pump was inspired by the way squids propel themselves through the water.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Posted on June 12, 2026 at 5:05 PM • 0 Comments

Bernie Sanders’ AI Sovereign Wealth Fund PlanLet no one accuse Bernie Sanders of ducking the big questions.

As to the goal of reshaping AI in the public interest, we have proposed an AI Public Option.

Apertus is a large language model built by Swiss public servants, researchers at Swiss universities, using appropriately licensed training data and pre-existing Swiss public supercomputing infrastructure powered by renewable energy.

Don’t confuse public AI with “sovereign AI“, the notion that every country needs to invest in domestic AI infrastructure.

So why is he pursuing the sovereign wealth fund strategy when he must be aware of these risks?

The surveillance company Leonardo wants more data:A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehicles, would also sweep up unique identifiers of mobile phones, wearables, and other Bluetooth-enabled devices in those cars, potentially letting law enforcement identify specific drivers or passengers.

The technology, called SignalTrace, would turn ALPR cameras from devices focused on tracking cars to ones that can more readily track the location of particular people.

ALPR cameras have become a commonly deployed technology all across the U.S.; SignalTrace would make some of th…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

This is interesting:The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according to Steven Murdoch…That means every device that uses GPS has been receiving hidden government information for years, and nobody outside the military knew it until now.

[…]Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system.

He confirmed that this timeline coincided with the rollout of the military’s Over-the-Air Distribu…

If you’re a user—owner?—of this cryptocurrency, this is important:On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8.

The Zcash team hired Hornby specifically to look for this kind of issue.

The Orchard pool is the newest and most advanced shielded transaction system in the cryptocurrency Zcash.

Introduced in 2022, it allows users to send and receive ZEC while keeping transaction details private.

The bug: a specific check that was supposed to validate transaction inputs wasn’t actually enforcing the rules it appeared to enforce.

Anthropic’s Project Glasswing UpdateIn April, Anthropic initated Project Glasswing.

The idea was to let companies use their new model to find and fix vulnerabilities in their own software.

It was a fantastic PR move, and so many press outlets have uncritically parroted Anthropic’s claims that it’s now common wisdom that Mythos is better at finding software vulnerabilities than other models.

In any case, Anthropic has published a Project Glasswing status report.

That Anthropic refuses to release details—that it just says “trust us”—is a big problem here.

AI WormResearchers have prototyped an AI-powered internet worm.

The coolest thing about the prototype is that it carries its own LLM with it, and runs it on computers that have been broken into.

This is the closest to John Brunner’s original 1975 conception of a computer worm that I’ve seen.

Posted on June 5, 2026 at 9:21 AM • 0 Comments

This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

Experts at the security firm Check Point Software have been closely covering exploits of The Gentlemen, a so-called “ransomware-as-a-service” (RaaS) offering that pays affiliates handsomely to help spread the group’s malware.

According to Check Point, the group targets Internet-facing devices (VPNs, firewalls) as their entry point, and once inside moves quickly to encrypt entire networks within hours.

Check Point says the administrator and primary operator of the ransomware group uses the nickname Zeta88 on the Russian-language cybercrime forums, and that this individual was pr…

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle.

“Some surveys put AI usage among security professionals generally at 90%, so it’s unsurprising that this volume of patches may be the norm,” Narang said.

Microsoft received heavily blowback on social media last month after it said in a blog post that it was considering taking legal action against the security researcher.

While 200 vulnerabilities may be a record for Patch Tuesday, the actual number of security flaws Microsoft addressed this month is far higher, said Rapid7’s Adam Barne…

On May 31, word began to spread on several Telegram instant message channels that Meta’s AI bot would happily add an email address to an existing account as part of the bot’s standard password reset flow.

Meta has not responded to requests for comment on the video’s claims, but the company reportedly did acknowledge the dormant Instagram account for the Obama White House was briefly compromised.

Meta’s solution was to deploy a conversational AI layer to handle common recovery workflows: relinking a lost email address, triggering a password reset, verifying account ownership.

Just like human customer support employees can be social engineered into providing unauthorized access to someone’s a…

But as KrebsOnSecurity observed in September 2025, those sanctions failed to target Stark’s remaining connection to the Internet — an Internet service provider based in the Netherlands called MIRhosting.

MIRhosting is operated by Andrey Nesterenko, a 39-year-old Russian native who runs the business out of the Netherlands.

And as our September 2025 report showed, WorkTitans was controlled by Nesterenko and a 57-year-old from Amsterdam named Youssef Zinad.

On top of that, WorkTitans was getting connectivity to the larger Internet solely through MIRhosting, where Zinad had worked previously.

“The transition to the.hosting was not intended to evade sanctions,” Nesterenko wrote.

The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.

Experts who reviewed the exposed secrets said the commit logs for the code repository showed the CISA contractor disabled GitHub’s built-in protection against publishing sensitive credentials in public repos.

CISA acknowledged the leak but has not responded to questions about the duration of the data exposure.

TruffleHog does this by monitoring a live feed that GitHub publishes which includes a record of all commits and changes to public code repositories.

In practical terms, it is likely that cybercrime groups or foreign adversaries also noticed the publication of these CISA secrets, …

A criminal complaint unsealed today in an Alaska district court charges Jacob Butler, a.k.a.

“Dort,” of Ottawa, Canada with operating the Kimwolf DDoS botnet.

“KimWolf was tied to DDoS attacks which were measured at nearly 30 Terabits per second, a record in recorded DDoS attack volume,” the Justice Department statement reads.

Synthient was among many technology companies thanked by the Justice Department today, and Synthient’s founder Ben Brundage told KrebsOnSecurity he’s relieved Butler is in custody.

The DOJ said at least one of those services collaborated with Butler’s Kimwolf botnet.

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems.

Another file exposed in their public GitHub repository — “AWS-Workspace-Firefox-Passwords.csv” — listed plaintext usernames and passwords for dozens of internal CISA systems.

“The available Git metadata alone does not prove which endpoint or device was used.”Caturegli said he validated that the exposed credentials could authenticate to three AWS GovCloud accounts at a high privilege level.

CISA has not responded to questions about the p…

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code.

May’s Patch Tuesday is a welcome respite from April, which saw Microsoft fix a near-record 167 security flaws.

But at the end of April, Oracle announced it was switching to a monthly update cycle for critical security issues.

Chrome automagically downloads available security updates, but installing them requires fully restarting the browser.

For a more granular look at the Microsoft updates released today, checkout this inventory by the SANS Internet Storm Center.

The stated deadline for payment was initially set at May 6, but it was later pushed back to May 12.

The May 6 update stated that Canvas was fully operational, and that Instructure was not seeing any ongoing unauthorized activity on their platform.

Instructure responded by pulling Canvas offline and replacing the portal with the message, “Canvas is currently undergoing scheduled maintenance.

Data extortion groups like ShinyHunters will typically only remove victims from their leak sites after receiving an extortion payment or after a victim agrees to negotiate.

Last month, ShinyHunters relieved the home security giant ADT of personal information on 5.5 million customers.

For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs.

The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider.

But so-called “DNS reflection” attacks rely on DNS servers that are (mis)configured to accept queries from anywhere on the Web.

“We received and notified many Tier 1 upstreams regarding very very large DDoS attacks against small ISPs,” Nascimento said.

Nascimento flatly denied being involved in DDoS attacks against Brazilian operators to generate business for his company’s services.

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft.

FBI investigators tied Buchanan to the 2022 SMS phishing attacks after discovering the same username and email address was used to register numerous phishing domains seen in the campaign.

That same year, U.K. investigators found a device at Buchanan’s Scotland residence that included data stolen from SMS phishing victims and seed phrases from cryptocurrency theft victims.

Buchanan is the second known Scattered Spider member to plead guilty.

Two other alleged Scattered Spider members will soon be tried in the United Kingdom.

“This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said.

Satnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for Microsoft.

Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.

Adam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities.

For example, a Google Chrome update released earlier t…

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today.

The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

Instead, they used known vulnerabilities to modify the Domain Name System (DNS) settings of the routers to include DNS servers controlled by the hackers.

English said the routers attacked by Forest Blizzard were reconfigured to use DNS servers that pointed to a handful of virtual private servers controlled by …

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face.

Shchukin’s name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang’s activities.

The Gandcrab ransomware affiliate program first surfaced in January 2018, and paid enterprising hackers huge shares of the profits just for hacking into user accounts at major corporations.

The Gandcrab team would then try to expand that access, often siphoning vast amounts of sensitive and internal documents in the process.

REvil never recovered f…

Hide My Email is a privacy feature that lets users create unique, random email addresses that forward messages to your real inbox.

That means you can sign-up for websites, newsletters, and apps without exposing your personal email address.

The problem is, however, that one of the reasons that Hide My Email worked so well was because its aliases were indistinguishable from regular iCloud email addresses.

All any website or app that wants to block anonymous sign-ups now has to do is to reject any email address ending in "@private.icloud.com".

For now, if you already have existing Hide My Email addresses in use, they should continue to work without any changes on your part.

Someone is pretending to be your bank, your government, or your local planning office. And according to the FTC, they're making billions doing it. Read more in my article on the Fortra blog.

Which is the connection between your AI agent and Sentry.

And when your AI agent reads data back from one of those services, it treats it as trusted and authoritative.

And so the AI agent does what agents are supposed to do.

But if an attacker can plant text somewhere that your AI agent will read, it's possible that your AI agent will act upon it, and that may not be good.

And then whenever AI wants to access something, AI has to give a reason — why do I want that?

The US state of Maine has taken its public data breach notification portal offline after someone submitted fraudulent breach disclosures impersonating two well-known technology companies.

As Bleeping Computer reported last week, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting the named companies to deny the claims.

However, somewhat more convincing was a fake breach notice that targeted the multiplayer social virtual reality platform VRChat.

It appears that the abuse of the system was possible because the Maine data breach reporting system lacked a proper verification mechanism.

Anyo…

According to media reports, a security blunder carelessly leaked the passport details of every player in Argentina's World Cup squad ahead of Tuesday's warm-up friendly against Iceland.

But why are passport numbers on a World Cup team sheet at all?

Under FIFA regulations, teams must provide passport numbers around an hour before a match kicks off.

So the passport numbers belong in the information handed to the referee.

Before releasing any document containing sensitive data, verify that the data has actually gone - not just covered up.

Most extortion gangs hide behind a keyboard. Silent Ransom Group will phone your staff pretending to be IT support - and if that fails, send someone to your office in person to plug in a USB stick. Read more in my article on the Fortra blog.

Yeah, I've decided I should actually know something about technology after about 15 years of covering it.

This week I'm talking about helpful AI, maybe too helpful AI, which is the Meta AI, which seems to have been giving anyone who asked nicely anyone else's password.

And continuing the AI theme, I'm going to be talking about an AI worm that appears to think for itself.

I think I'm not going to cry with offense if you say that.

You're going to spend the money and you've got the money to spend.

Evanston Township High School (ETHS), located approximately 14 miles north of Chicago, says it was hit by a ransomware attack on Sunday, June 7 2026.

No ransomware group has claimed responsibility for the attack against ETHS, and it is not known if any personal data has been exfiltrated by cybercriminals.

The sad truth is that schools are attractive targets to cybercriminals.

And, as is demonstrated by the closure of ETHS, schools often rely upon networked systems for everything from the platforms used to teach pupils to providing physical access controls.

Meanwhile, schools don't just face serious threats from organised criminal gangs but also from within their own walls.

If you've ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a message for you: be very careful.

According to the bulletin, entitled "Safeguarding Our Secrets", Chinese intelligence officers - or third parties acting on their behalf - are posing as employees of private consultancies, think tanks, and HR firms.

According to the intelligence agencies, targets do not need security clearances to be of use to Chinese spies.

Western agencies warn that just submitting a CV containing your employer history, specialist knowledge, and details of professional contacts has am intelligence value.

The Five Eyes intel…

Hackers have been hijacking Instagram accounts at scale by exploiting Meta's AI support chatbot. And, as if that weren't bad enough, the technique required no technical skill whatsoever. Read more in my article on the Fortra blog.

This AI security flaw might be impossible to fix with Graham Cluley and special guest Tanya Janca.

Yeah, I've done some work with them in the past and they're actually sponsoring this episode of the podcast.

Turns out some quiet little permission that crept wider over 3 years, a policy exception that nobody had reviewed, the kind of thing that's invisible until it isn't.

I don't know if that was also exposed on the WebBucket, but yeah, it's additional information though, isn't it?

And I used to work at the Canadian Revenue Agency, so I know they're not following the policy because I wrote it.

Dutch police have arrested a 35-year-old man suspected of hacking into the computer systems of Amsterdam football giant Ajax, after the personal data of hundreds of thousands of supporters was put at risk.

However, it quickly emerged that the claim of a "few hundred" potential victims was wide of the mark, as it was reported that the incident could have exposed the personal details of around 300,000 registered Ajax supporters.

In short, the number of supporters whose details were exposed was around 1000 times larger than the club's initial estimate.

Ajax says that it has worked with external experts to patch the vulnerabilities, and has strengthened its security.

It is easy to imagine that …

The Play ransomware gang is claiming to have stolen data from US pillow manufacturer MyPillow, making off with private and personal confidential data.

The company denies it has been hit, and the Play ransomware gang claims otherwise.

The truth is likely to emerge quickly, as the deadline for payment listed by Play on its leak portal is reached tomorrow.

We'll know soon enough whether Friday's payment deadline from the Play ransomware group brings a data dump or a quiet anticlimax.

One thing is certain - ransomware gangs target anyone they think might pay, and strong defences are needed by all organisations.

Smashing Security, Episode 469: What Your Oura Ring Won't Tell You, with Graham Cluley and special guest Lesley Carhart.

Because one of the things, I don't know how many people know this, but you are actively into martial arts.

I don't know.

I don't know if it's a real martial art, but I don't want to get in that argument with anybody.

And this is just a prime example of really, really, you did that.

The FBI has issued an advisory warning about a phishing-as-a-service platform that has recently emerged, which can hijack Microsoft 365 accounts without ever stealing a password.

Kali365 is a subscription service for scammers that was first spotted in April 2026, and has been promoted largely through Telegram.

Subscribers to Kali365 have access to AI-generated phishing lures, automated campaign templates, real-time dashboards for tracking targets, and the ability to capture OAuth tokens.

If you've done that, you've used "device code flow."

And this is why the FBI's top recommendation is to block device code flow, with a conditional access policy in Microsoft Entra ID where appropriate.

Ставка на проигрышВо время чемпионата мира предсказания результатов матчей и «ставки на спорт» становятся особенно популярны — чем активно пользуются злоумышленники.

Это еще и рекордные продажи коллекционной атрибутики — наклеек, шарфиков, формы сборных, официальных мячей турнира и так далее.

На скриншоте выше злоумышленники предлагают заплатить 67 евро за коллекцию наклеек, но на маркетплейсах такой же набор обойдется как минимум вдвое дороже, а на официальном сайте Panini — втрое.

Конечно, товар вы не получите и потеряете не только деньги, но и реквизиты банковской карты.

Установите Kaspersky Premium — приложение убережет вас от зловредов, фишинга, спама, переходов на вредоносные и поддел…

Фундаментальные проблемы автономного SOC: за пределами ИИХотя использование ИИ для анализа данных и принятия решений в SOC звучит как логичная и относительно несложная в реализации идея, попытка ее внедрить ставит и обостряет проблемы, с которыми организации столкнулись при внедрении SIEM, XDR и SOAR:Качество исходных данных.

Даже когда роль ИИ сводится к предварительному сбору данных и рекомендациям, аналитики зачастую не доверяют данным и тратят время на их повторный сбор и анализ.

В SOC и ИБ в целом всегда есть плохо документированная информация: бизнес-контекст, коллективные знания и другие данные, которые помогают верно оценивать оповещения и инциденты.

Проблемы ИИ, критичные для SOCКр…

Хотя она и изолирована, но записываются эти данные в итоге на тот же SSD, с которым также работают прочие программы и веб-сайты.

Оказалось, что если вредоносная страница постоянно обращается к SSD, по задержкам при доступе к данным можно определить, что еще происходит на ПК.

Допустим, на SSD имеется достаточно большой файл, наполненный случайными данными.

Комбинация всех особенностей атаки объясняет ее название: FROST расшифровывается как Fingerprinting Remotely using OPFS-based SSD Timing, то есть удаленное наблюдение над SSD с использованием технологии OPFS.

Впрочем, суть атаки FROST не в передаче данных, а в слежке за активностью пользователя.

Злоумышленники внедряют в установочные файлы игр троян удаленного доступа под названием Argamal.

Рассказываем, как не стать жертвой нового трояна — и как безопасно и максимально анонимно смотреть пикантный контент с аниме-девочками (или без).

В другой ситуации это, наверное, сложно было бы назвать неприятной характеристикой, но Argamal, к сожалению, троян не из «скорострелов».

Через три дня компьютер подключается к GitHub, скачивает зашифрованный файл, расшифровывает его и превращает в рабочий модуль трояна.

Именно поэтому мы рекомендуем хранить пароли не в текстовых файлах, а в зашифрованном контейнере менеджера паролей.

Как выявить и ограничить использование Claude и Claude CodeДетектирование: анализ на NGFW или веб-фильтре трафика к claude.ai, anthropic.com, *.anthropic.com, api.anthropic.com.

Защита: на уровне NGFW/веб-фильтра заблокировать доступ к категории «ИИ-сервисы», на уровне DNS перенаправить трафик вышеуказанных доменов Anthropic, с помощью политик браузера заблокировать различные расширения, дающие доступ к Claude.

Защита: на уровне NGFW/веб-фильтра заблокировать доступ к категории «ИИ-сервисы», на уровне DNS перенаправить трафик вышеуказанных доменов.

Защита: на уровне NGFW/веб-фильтра заблокировать доступ к категории «ИИ-сервисы», на уровне DNS перенаправить трафик вышеуказанных доменов DeepS…

У Павла Дурова и его «приватного» мессенджера появился новый конкурент, и это — барабанная дробь — Илон Маск и его сервис XChat.

Все описанные выше сложности с PIN-кодом в XChat, на самом деле, имеют под собой своеобразное основание.

Напомним, что, в отличие от WhatsApp и Signal, разработчики XChat решили хранить приватные ключи пользователей на своих серверах.

Так что в итоге с XChat?

И, конечно, хранить его, как и любые другие пароли, следует не в заметках, а в надежном менеджере паролей.

Отключение при помощи политик: в Admin Center пройти в раздел Settings → Integrated Apps, найти Copilot в списке Available Apps, выбрать Block.

Как отключить панель Copilot в EdgeДетектирование: на уровне NGFW или других сетевых журналов искать обращение к ресурсам copilot.microsoft.com, bing.com/chat, edgeservices.bing.com.

Блокировка с помощью политик: в панели управления: Apps → Additional Google services → Gemini app: OFF.

Блокировка с помощью политик: в корпоративных политиках Chrome необходимо установить: GenAILocalFoundationalModelSettings = 0, HelpMeWriteSettings = 2 (отключено), TabOrganizerSettings = 2, CreateThemesSettings = 2, DevToolsGenAiSettings = 2.

Как отключить Apple Intel…

Мы исследовали более 84 500 общественных точек доступа Wi-Fi в Мехико, Гвадалахаре и Монтеррее — и нам есть что вам рассказать об их безопасности.

Что и как мы исследовалиПройтись пешком по Мексике в поисках публичных Wi-Fi-точек было бы сложновато, хотя ради аналогичного исследования безопасности Wi-Fi в Париже мы именно так и поступили (кстати, ознакомиться с его результатами можно в материале Безопасен ли парижский Wi-Fi?).

Выяснилось, что WPS включен почти у половины (47%) точек доступа в Мехико, у 43% — в Гвадалахаре и 41% — в Монтеррее.

Поэтому наиболее безопасным вариантом станет использование сотовой связи для доступа в Интернет — и никакой Wi-Fi не понадобится.

О том, как это сдела…

Конкретные примеры современных вредоносных кампанийНесмотря на эти изменения, наши эксперты продолжают активно отслеживать новые вредоносные кампании и реагировать на современные угрозы.

Наши технологии зарегистрировали более тысячи вредоносных писем почти идентичной структуры, разосланных организациям из госсектора, строительной и промышленной отраслей, что прямо указывает на автоматизацию проводимых атак.

Примечательно, что в качестве резервного командного сервера загрузчик обращается к Solana Name Service, децентрализованному блокчейн-реестру, что существенно затрудняет блокировку инфраструктуры.

Обе группы активно применяют PowerShell-нагрузки и нацелены на российский госсектор, что ука…

Как настроить интеграцию Kaspersky Scan Engine c F5 BIG IP LTMНастройка Scan EngineKaspersky Scan Engine должен работать в режиме ICAP.

Как настроить интеграцию Kaspersky Scan Engine c NextcloudНастройка Kaspersky Scan EngineKaspersky Scan Engine должен работать в режиме HTTP.

Как настроить интеграцию Kaspersky Scan Engine c Hitachi NAS Platform 13.9Настройка Scan EngineKaspersky Scan Engine должен работать в режиме ICAP.

Как настроить интеграцию Kaspersky Scan Engine c RspamdНастройка Scan EngineKaspersky Scan Engine должен работать в режиме HTTPD.

Как настроить интеграцию Kaspersky Scan Engine c ARA JAGUAR 5000Настройка Scan EngineKaspersky Scan Engine должен работать в режиме ICAP.

В последнее время злоумышленники активно используют для фишинговых атак платформу Google AppSheet: через нее можно настроить почтовую рассылку, которая отправляется c почтового адреса, связанного с Google.

К сожалению, именно эта простота делает AppSheet привлекательным и для злоумышленников.

Ниже показано, как выглядит типичный путь от получения письма от якобы «карьерного портала Google» до кражи данных аккаунта:Аналогичные письма приходят от имени и других IT-гигантов.

Прежде всего смотрите не на отображаемое имя, а на адрес отправителя.

Куда более вероятно, что вы получите легитимную AppSheet-рассылку от имени небольшой компании или бизнеса, но уж точно не от IT-гигантов.

Поэтому неудивительно, что за прошедшие несколько месяцев исследователи кибербезопасности зафиксировали несколько случаев распространения вредоносного ПО под видом IPTV-приложений для Android.

В этом посте поговорим о том, что представляют собой IPTV-приложения, как с помощью их поддельных версий преступники распространяют вредоносное ПО, на что оно способно и, главное, как не стать жертвой.

Обычно они привлекают пользователей бесплатным или очень дешевым доступом к контенту, который может быть нелегко найти без дорогостоящих подписок — в первую очередь это трансляции различных спортивных мероприятий и, в частности, футбольных матчей.

Вместо этого поддельное приложение открывало во встроенн…

Хотя многие компании осознанно внедряют ИИ для повышения качества и эффективности, еще быстрее в них появляются ИИ-инструменты, руководством не санкционированные.

ИИ встраивают в уже применяемые компанией решения сами разработчики ПО (например, Microsoft Copilot и Gemini), а также самовольно устанавливают сотрудники.

И риски, и способы их снижения отличаются для разных видов ИИ-систем.

Мы дадим обзор этой широкой темы, сфокусировавшись на инструментах детектирования и блокировки ИИ на двух уровнях.

SalesforceВ режиме настроек (Setup) нужно воспользоваться поиском по словам connected apps и в результатах поиска нажать Manage Connected Apps.

Но вы даже не узнаете, что в ваше устройство уже внедрен вредоносный код, а злоумышленники смогут получить доступ даже к заблокированному смартфону.

Что такое BootROMЧтобы понять серьезность находки, сначала нужно разобраться в том, как загружается современное устройство на чипе Qualcomm.

Самый нижний — фундамент и база, самый доверенный уровень — BootROM, постоянная память, вшитая в кремний и недоступная для изменения после производства.

Почему патча не существует — и что делатьQualcomm был уведомлен о находке в марте 2025 года и подтвердил наличие уязвимости в своих чипах.

Если у вас на руках устройство с уязвимым чипом, воспользуйтесь нашими советами, которые помогут снизить риск заражен…

В решении для защиты почтовых шлюзов мы даже реализовали технологию, позволяющую считывать эти коды (причем не только из писем, но и вложений) и проверять зашитые в них ссылки.

Что такое ASCII-графика и как ее используют злоумышленникиСейчас в это нелегко поверить, но когда-то компьютеры не умели отображать графику.

Ну и вдобавок в то время многие платили за трафик, а потому отключали загрузку картинок в почте.

А в качестве дополнительного слоя защиты — установить защитные решения на все рабочие устройства, используемые для выхода в Интернет.

В частности, объяснять, что ASCII-графика в современных письмах может свидетельствовать о попытке фишинговой атаки.

If you’ve ever troubleshot a complex workflow run, you know the drill: click into actions, expand inputs and outputs, scan logs, backtrack, repeat.

We’ve just released Workflow Run Summaries in Cisco XDR Automate: an on-demand, AI-generated summary that explains what happened during a workflow execution, where things went wrong, and why that matters, without forcing you to manually inspect every step.

What the feature doesWith a single click on “Generate Run Summary”, Cisco XDR Automate analyzes a completed workflow run and produces a concise, human-readable explanation of its execution.

Why this matters, especially for Agentic AIAs XDR Automate Workflows are increasingly triggered by Agent…

It is the hardest attack category in email security — for any vendor, any product, any architecture.

This balance — 98% threat detection alongside zero hard false positives — is what the 94% Total Accuracy Rating reflects.

What Independent Validation Means for Your Security StrategyEvery email security vendor publishes detection rates.

Read the full report for more insight into ETD’s comprehensive email security capabilities.

All performance data sourced from the SE Labs Advanced Security Test Report — Email (Protection), Cisco Secure Email Threat Defense, May 2026 (v1.0).

Caption: MCP integrations exposed to the local AI workflow for SOC investigation contextAt this stage, the system was already useful.

Caption: OpenClaw using the local Ollama model backend instead of an external model providerThe distinction is important.

I installed DefenseClaw alongside the OpenClaw environment, to add inspection and audit visibility around the agentic AI workflow.

Sending DefenseClaw events into Splunk made the AI workflow feel more operational and less experimental.

At Black Hat Asia, this became a practical way to explore what private AI for SOC workflows could look like.

Cisco has been a long-standing partner in securing Black Hat conferences worldwide, providing the critical network infrastructure that ensures safe connectivity for all attendees.

At Black Hat Asia 2026, we continued this tradition while introducing significant enhancements to our security capabilities through innovative integrations.

Resource ConnectorCisco Secure Access Resource Connector was deployed to provide secure remote access to critical systems.

Resource Connector solves this problem by creating secure path to the target, which is accessible from public URL generated by Secure Access platform.

Check out the other blogs from our team at Black Hat Asia 2026.

As is tradition at every Black Hat conference, Day 1 winds down with a quick reality check – what’s done, what’s broken, and what absolutely needs to go live by tomorrow.

Corelight traffic and detections were already flowing into Cisco XDR using OCSF-based ingestion built at Black Hat Europe 2025.

That’s the lesson Black Hat reinforces every time:Progress accelerates when you ask the right person the right question.

Check out the other blogs from our team at Black Hat Asia 2026.

Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more.

The Black Hat server owners confirmed the Apache version was fully patched, ensuring no impact to Black Hat assets.

Cisco XDR correlated events and enriched them with Talos and other third-party threat intelligence feeds, confirming the issue and assigning priority.

An attendee was seen accessing a custom application hosted in their home country from the Black Hat network.

AI Reasoning AnalysisDrilled deeper into the AI reasoning behind the Cisco XDR storyboard findings.

Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more.

One of the first things we notice walking into the Black Hat NOC/SOC to help setup was that no one cared about who you worked for.

That goal being to discover and protect Black Hat from attacks both internally and externally.

High Score, Low Threat: A 60-Second Triage StoryThe new agentic capabilities in Cisco XDR were enabled in our Black Hat tenant – and they didn’t disappoint.

Check out the other blogs from our team at Black Hat Asia 2026.

Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more.

Cisco celebrates our 10th year building and safeguarding the network for Black Hat Asia in Singapore.

We work with other official providers to bring the hardware, software and engineers to build and secure the Black Hat Asia network: Arista, Corelight, Jamf, MyRepublic and Palo Alto Networks.

Since 2017, Cisco has protected the Black Hat Asia network, beginning with automated malware analysis using Threat Grid.

Unveiling the Power of Integration: XDR, Splunk, Corelight, Arista and Palo Alto Networks in Action at Black Hat AsiaUplevelling Black Hat Threat HuntersCisco Secure Access with MCP Infrastructure at Black Hat Asia 2026The Essence of Black Hat – Collaboration with PartnersBlack Hat A…

It was designed to be useful whether you had a team of 500 security analysts or a single IT person wearing multiple hats.

The new mathBefore Mythos and other frontier large language models (LLMs), the vulnerability lifecycle had a rhythm that most security teams had internalized.

It also means you need incident response capability for when prevention fails.

When everything has been tested and still was not enough, emergency incident response is the capability that gets you from compromised to recovered.

Because they operate at a layer of the security stack that is independent of how fast vulnerabilities are discovered.

That is why I am excited to share that Cisco SASE with Meraki is now generally available.

You keep the Meraki experience you know, then connect it to Cisco Secure Access for cloud-delivered Security Service Edge (SSE) protection.

What We BuiltCisco SASE with Meraki connects Meraki SD-WAN sites to Cisco Secure Access, Cisco’s cloud-delivered SSE solution.

With Cisco SASE with Meraki, Meraki AutoVPN can automatically establish secure primary and backup tunnels between enrolled MX sites and Cisco Secure Access.

Cisco SASE with Meraki gives Meraki customers a fast, secure, and resilient approach to bring SD-WAN traffic into Cisco Secure Access.

This is the shift from access control to action control.

To move from access control to action control, Agent Gateway will help answer five questions before a request is allowed to proceed:Who is the agent?

With Agent Gateway, Cisco extends these capabilities into the agentic workflow.

Duo will identify the agent process itself using Duo identity, extending naturally from user MFA to agent and non-human identities.

Duo will identify the agent process itself using Duo identity, extending naturally from user MFA to agent and non-human identities.

Why we are changing our cadenceThe fundamental scale of vulnerability discovery has shifted.

Seven days before each release, PSIRT will publish the list of technologies and platforms included in that drop.

Cisco PSIRT will provide ‘bundled’ CVEs (Common Vulnerability Exposures) tied to CWE categories (Common Weakness Enumerations).

If a finding is being addressed in a scheduled release, upgrading should negate the need to implement corner-case mitigations that do not scale.

The Cisco PSIRT is the gold standard for vulnerability disclosure and will drive this revolution – with significantly expanded tooling and cadence built for the new rate of discovery.

The National Institute of Standards and Technology (NIST) finalized its first PQC standards in 2024.

Cisco’s Quantum Resilience FrameworkCisco has developed a framework to articulate multiple levels of quantum resilience – each representing distinct capabilities designed to respond to new and emerging threats to confidential communication and product integrity.

It gives organizations a foundation as they progress toward more complete levels of quantum resilience.

Level 3 extends quantum resilience into identity and attestation.

Together, these levels give customers a practical way to evaluate quantum resilience.

Secure agents as digital workersThe second imperative is to secure the agents now entering the enterprise.

At Cisco Live, we are taking the next step by making DefenseClaw enterprise-ready and integrating it into Cisco Secure Client.

Context provided by the network is what allows security teams to understand behavior, enforce trust, and respond with confidence across domains.

That is how Cisco is helping customers become more resilient—and helping security teams protect, detect and respond with confidence in the agentic era.

Ask a question and stay connected with Cisco Security on social media.

Introducing Identity in Cisco Cloud ControlIdentity in Cisco Cloud Control brings identity, device, network, application and agentic activity context together in a single, unified operational view.

By unifying capabilities across Duo, Cisco Identity Intelligence (CII), Cisco Identity Services Engine (ISE), and supported vendor sources, Cisco enables teams to investigate, assess, and act on identity risk without switching tools or losing context.

What’s NewWith the introduction of Identity in Cisco Cloud Control, customers gain new capabilities designed to simplify identity operations and make identity risk more actionable.

Identity in Cisco Cloud Control provides a unified way to operationa…

It does not block JavaScript that is rendered by a headless browser owned by an AutoGen agent on the same machine.

This work informs guidance for developers and detections for defenders across Microsoft Defender, Microsoft Defender for Cloud, Microsoft Entra and Microsoft 365.

Customers using Microsoft Defender, Microsoft Defender for Cloud, and Microsoft Entra can use these controls to detect, contain, and investigate related activity.

This work informs guidance for developers and detections for defenders across Microsoft Defender, Microsoft Defender for Cloud, Microsoft Entra and Microsoft 365.

Customers using Microsoft Defender, Microsoft Defender for Cloud, and Microsoft Entra can use t…

This year, Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study for our AI-first, end-to-end security platform.

What end-to-end security deliversBased on in-depth interviews with a survey of 362 customers and 11 security decision-makers using Microsoft Security solutions, the Forrester study revealed the impact of consolidating with Microsoft Security.

Security for AI – New solutions like Microsoft Agent 365 with foundations of Microsoft Security, extend identity, governance, and control to AI agents, so customers can adopt them with confidence.

AI for Security – Microsoft Security Copilot, together with Microsoft Defender, Entra and Purview provides A…

Microsoft Threat Intelligence observed a large-scale npm supply chain attack affecting 140+ packages across the mastra and @mastra scopes on the npm registry.

Microsoft Defender Antivirus, Microsoft Defender for Endpoint, and Microsoft Defender XDR provide detections and hunting coverage for suspicious Node.js execution, malicious package behavior, reflective code loading, persistence activity and command-and-control communication.

The easy-day-js dependency was not present in any prior versions of mastra npm packages.

Microsoft Defender XDR detectionsMicrosoft Defender XDR customers can refer to the list of applicable detections below.

Advanced huntingThe following KQL queries can be used …

Clipper malware relies on stealing clipboard data and parsing it for valuable assets.

Additionally, Microsoft Defender Antivirus detects this crypto clipper as Trojan: Win32/CryptoBandits.A.

A file named “cfile” is created on the infected system as an output for payload hosted on the C2 domain.

Private Key extractionThe crypto clipper also detects cryptocurrency keys for both Ethereum and Bitcoin WIF.

Initial AccessT1091 Replication Through Removable MediaExecutionT1059 Command and Scripting Interpreter | EVAL-driven remote code execution from server taskingDiscoveryT1057 Process Discovery | Task Manager check used as an anti-analysis gatePersistenceT1053.005 Scheduled Task/Job | Scheduled …

This month’s set of discoveriesThe measure of any security system is what it catches.

Several findings involve high-severity remote code execution vulnerabilities in core infrastructure layers that are difficult to scrutinize using manual approaches alone.

We analyzed which pipeline stage contributed to each miss:Scan stage: 8 cases (15.4%), failed to identify the intended finding.

Bookmark the Security blog to keep up with our expert coverage on security matters.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

We are excited to share that Microsoft has been named a Leader in The Forrester Wave™: Extended Detection and Response Platforms, Q2 2026.

Microsoft also received the highest possible scores across the current offering criteria of identity detection, cloud detection, SIEM replacement, Threat Intelligence, Threat hunting, Administrative controls, and Training.

Microsoft Threat Intelligence is built on a broad vantage point, analyzing 100 trillion signals each day.

Microsoft Security Copilot alert triage agent: Security Copilot agents in Defender help security operations center (SOC) teams investigate faster, automate response, and prioritize high-risk cyberthreats.

Also, follow us on LinkedI…

See how Microsoft unifies identity and security signals to help teams prevent, detect, and respond to AI-accelerated attacks faster.

The post AI is accelerating cyberattacks—here’s how to stay ahead appeared first on Microsoft Security Blog.

Microsoft publishes quarterly email security benchmarking data comparing Microsoft Defender against secure email gateway (SEG) and integrated cloud email security (ICES) vendors using real-world threat telemetry.

Key insights from a year of email benchmarkingWith four consecutive quarters, several findings have proven to be durable insights, highlighting the sustained realities of how layered email security performs in production:1.

Below are some of the most recent highlights, that we directly attribute to the continued improvements in Microsoft Defender performance.

Security Copilot’s Email Summary further speeds investigations by turning email detection data into clear, actionable insigh…

First, ASSERT turns a broad behavior specification into an explicit concept specification, which is then converted into a granular, editable behavior taxonomy with suggested permissible and impermissible behaviors.

Next, it generates stratified test cases over the dimensions the developer declares.

The taxonomization step outputs an editable behavior taxonomy that can be validated by a policy expert.

The policy citation refers to the specific taxonomy behavior or developer-provided policy decision that the judge used to support the verdict.

ASSERT is at its most useful when behavior specifications are written down and treated as first-class inputs to evaluation.

Security teams are already investigating activity involving Microsoft 365 Copilot and Azure AI services—from prompt injection attempts to unexpected data access.

It provides the foundation for reconstructing AI activity in enterprise environments.

To help address that challenge, we’ve published a new investigator playbook for Microsoft 365 Copilot and Azure AI services.

Investigations begin by identifying who interacted with AI systems, when the activity occurred, and which services were involved.

AI telemetry is constructed metadata-first, providing identity, time, and resource context across interactions.

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure.

AI as TRADECRAFT How threat actors operationalize AI ›Threat actors are quick to capitalize on highly anticipated launches or emerging trends, leveraging trusted branding and exploiting user curiosity to improve the success rates of their campaigns.

Search-driven discovery: Users found the repository through GitHub repository search, search engines, social sharing, and AI-assisted search results pointing to the lure page.

Once the lure was live, search engines increased the exposure of the malicious repository.

To hear stories and insigh…

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure.

AI as TRADECRAFT How threat actors operationalize AI ›Threat actors are quick to capitalize on highly anticipated launches or emerging trends, leveraging trusted branding and exploiting user curiosity to improve the success rates of their campaigns.

Search-driven discovery: Users found the repository through GitHub repository search, search engines, social sharing, and AI-assisted search results pointing to the lure page.

Once the lure was live, search engines increased the exposure of the malicious repository.

To hear stories and insigh…

Microsoft Threat Intelligence discovered that Anthropic’s Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull request descriptions, and comments.

Tools such as Anthropic’s Claude Code GitHub Action can trigger on pull requests, read the diff, title, description, and comments, then post review feedback or security findings.

Claude Code actionClaude Code Action is a GitHub action that runs Claude inside your CI runner.

MITRE™️ATLAS techniques observedResource DevelopmentAML.0065, LLM Prompt Crafting: The attacker carefully constructs a payload tailored to the specific workflow configuration (e.g., system p…

It identified novel failure modes unique to agentic systems (agent compromise, injection, impersonation, flow manipulation) alongside existing failure modes materially amplified in agentic contexts (memory poisoning, cross-domain prompt injection, human-in-the-loop bypass).

Agentic systems consume plugin registries, MCP servers, prompt templates, and third-party tool integrations, each a new supply chain ingestion point.

In agentic systems, it exposes operational primitives and turns black-box probing into a white-box exploit path.

Operational findings: What red teaming showedTwelve months of engagements against deployed agentic systems produced several consistent patterns.

Zero-click HitL …

The malware then executes the payload via Bun, creating an unusual process chain (node → shell → bun → payload) designed to evade Node-focused monitoring and detections.

Use Microsoft Defender XDR to investigate suspicious activity across endpoints, identities, cloud apps, and developer environments.

Microsoft Defender XDR detectionsMicrosoft Defender XDR customers can refer to the list of applicable detections below.

Microsoft Defender XDR detectionsMicrosoft Defender XDR customers can refer to the list of applicable detections below.

Advanced huntingThe following KQL queries can be used in Microsoft Defender XDR Advanced Hunting to identify potential exposure to this supply-chain compromi…

Here, threat actors may simply seed prompt injections on websites in hope of corrupting AI systems that browse them.

Early experiments revealed a significant volume of "benign" prompt injection text, which illustrates the complexity of distinguishing between functional threats and harmless content.

Many prompt injections were found in research papers, educational blog posts, or security articles discussing this very topic.

(Source: GitHub/swisskyrepo)When searching for prompt injections naively, the majority of detections are benign content – false positives in our case.

Malicious: ExfiltrationWe were able to observe a small number of prompt injections that aim at theft of data.

Recognizing the risks associated within the complex modem firmware, Pixel 9 shipped with mitigations against a range of memory-safety vulnerabilities.

Following our previous discussion on "Deploying Rust in Existing Firmware Codebases", this post shares a concrete application: integrating a memory-safe Rust DNS(Domain Name System) parser into the modem firmware.

Hook-up Rust to modem firmwareBefore building the Rust DNS library, we defined several Rust unit tests to cover basic arithmetic, dynamic allocations, and FFI to verify the integration of Rust with the existing modem firmware code base.

Pixel modem firmware already has a well-tested and specialized global memory allocation system to…

This project represents a significant step forward in our ongoing efforts to combat session theft, which remains a prevalent threat in the modern security landscape.

Session theft typically occurs when a user inadvertently downloads malware onto their device.

Once active, the malware can silently extract existing session cookies from the browser or wait for the user to log in to new accounts, before exfiltrating these tokens to an attacker-controlled server.

How DBSC WorksDBSC protects against session theft by cryptographically binding authentication sessions to a specific device.

The issuance of new short-lived session cookies is contingent upon Chrome proving possession of the correspondi…

Staying ahead of the latest indirect prompt injection attacks is critical to our mission of securing Workspace with Gemini.

In our previous blog “Mitigating prompt injection attacks with a layered defense strategy”, we reviewed the layered architecture of our IPI defenses.

Synthetic data generationAfter we discover, curate, and catalog new attacks, we use Simula to generate synthetic data expanding these new attacks.

We partition the synthetic data described above into separate training and validation sets to ensure performance is evaluated against held-out examples.

This process leverages the newly generated synthetic attack data described on this blog, to create a robust, end-to-end evalu…

2025 marked a special year in the history of vulnerability rewards and bug bounty programs at Google: our 15th anniversary 🎉🎉🎉!

Coming back to 2025 specifically, our VRP once again confirmed the ongoing value of engaging with the external security research community to make Google and its products safer.

Vulnerability Reward Program 2025 in NumbersWant to learn more about who’s reporting to the VRP?

Tip: Want to be informed of new developments and events around our Vulnerability Reward Program?

Follow the Google VRP channel on X to stay in the loop and be sure to check out the Security Engineering blog, which covers topics ranging from VRP updates to security practices and vulnerability des…

To stay ahead of the curve, the technology industry must undertake a proactive, multi-year migration to Post-Quantum Cryptography (PQC).

To bring these critical protections to the wider developer community with minimal friction, the transition will be supported through Play App Signing.

Play App Signing leverages Google Cloud KMS, which helps ensure industry-leading compliance standards, to secure signing keys.

Empower Developers : The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and application.

: The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and …

Today we're announcing a new program in Chrome to make HTTPS certificates secure against quantum computers.

Instead, Chrome, in collaboration with other partners, is developing an evolution of HTTPS certificates based on Merkle Tree Certificates (MTCs), currently in development in the PLANTS working group.

Since MTC technology shares significant architectural similarities with CT, these operators are uniquely qualified to ensure MTCs are able to get off the ground quickly and successfully.

The Chrome Quantum-resistant Root Program will operate alongside our existing Chrome Root Program to ensure a risk-managed transition that maintains the highest levels of security for all users.

First, we…

For Majik, Scam Detection was the intervention he needed: “The warning is what made me pause and avoid a bad situation”.

As scammers evolve their tactics and create more convincing and personalized threats, we’re using the best of Google AI to stay one step ahead.

Expanding Scam Detection for Calls to Samsung DevicesTo help protect you during phone calls, Scam Detection alerts you if a caller uses speech patterns commonly associated with fraud.

Scam Detection for phone calls on Google Pixel devices is available in the U.S., Australia, Canada, India, Ireland, and the UK.

Powered by Gemini’s on-device model, Scam Detection provides intelligent protection against scam calls while ensuring that…

Upgrading Google Play’s AI-powered, multi-layered user protectionsWe’ve seen a clear impact from these safety efforts on Google Play.

As Android’s built-in defense against malware and unwanted software, Google Play Protect now scans over 350 billion Android apps daily.

This proactive protection constantly checks both Play apps and those from other sources to ensure they are not potentially harmful.

Looking aheadOur top priority remains making Google Play and Android the most trusted app ecosystems for everyone.

Thank you for being part of the Google Play and Android community as we work together to build a safer app ecosystem.

That’s why we're committed to providing multi-layered defenses that help protect you before, during, and after a theft attempt.

Today, we're announcing a powerful set of theft protection feature updates that build on our existing protections, designed to give you greater peace of mind by making your device a much harder target for criminals.

These updates are now available for Android devices running Android 16+.

More User Control for Failed Authentications: In Android 15, we launched Failed Authentication Lock, a feature that automatically locks the device's screen after excessive failed authentication attempts.

This feature is now getting a new dedicated enable/disable toggle in settings,…

These initiatives, driven by Ballots SC-080, SC-090, and SC-091, will sunset 11 legacy methods for Domain Control Validation.

What’s Domain Control Validation?

Domain Control Validation is a security-critical process designed to ensure certificates are only issued to the legitimate domain operator.

Sunsetted methods relying on email:Sunsetted methods relying on phone:Sunsetted method relying on a reverse lookup:For everyday users, these changes are invisible - and that’s the point.

These changes push the ecosystem toward standardized (e.g., ACME), modern, and auditable Domain Control Validation methods.

Partnership with ArmOur goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats.

We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices.

This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.

This effort spans across Android and Android OEMs, and required close collaboration with Arm.

The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.

We built on Gemini's existing protections and agent security principles and have implemented several new layers for Chrome.

To further bolster model alignment beyond spotlighting, we’re introducing the User Alignment Critic — a separate model built with Gemini that acts as a high-trust system component.

A flow chart that depicts the User Alignment Critic: a trusted component that vets each action before it reaches the browser.

The User Alignment Critic runs after the planning is complete to double-check each proposed action.

Looking forwardThe upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same ri…

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle.

Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications.

To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps.

The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money.

We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps.

Secure by DesignWe built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products.

Secure Sharing Channel: The communication channel itself is hardened by our use of Rust to develop this feature.

On Android, security is built in at every layer.

On Android, security is built in at every layer.

Secure Sharing Using AirDrop's "Everyone" ModeTo ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode.