ЦБ решил посчитать все наши карты.

Суд Мурманской области вынес первое наказание за реакции в виде лайков.

Страх перед регуляторами перевесил желание договориться со взломщиками.

Агентство запускает программу PICASSO для создания масштабируемых фотонных интегральных схем.

Почему власти смягчили меры борьбы с мошенниками.

Военная медицина получила прототип «умного» порошка.

Пентагон планирует перевооружить союзников в ближайшие семь лет.

Теперь внутри кода прячется сюрприз, о котором не знают даже профи.

Ученые сделали машину, которая не перебирает варианты, а ждет, пока физика сама найдет ответ.

Оказалось, что даже запертая на все замки дверь не гарантирует приватности.

Компилятор от ИИ-агентов успешно прошел 99% стресс-тестов GCC.

В КНР нашли способ разогнать БПЛА до Маха 0,9.

Хакеры подготовились к отчетному периоду в России.

Высокая конкуренция обрушила доходы поставщиков VPN.

Развитие регулирования КИИ и ГосСОПКАМодернизация нормативной базы в области безопасности КИИ и госсистемы обнаружения компьютерных атак стала центральным вектором изменений 2025 года.

В результате внесённых изменений в 187-ФЗ закреплены обязанности субъектов КИИ по переходу на доверенные программно-аппаратные комплексы в соответствии с ПП-1912, а также ориентация на использование отечественного ПО.

Также в Правилах категорирования в явном виде закреплены обязанности субъекта КИИ по учёту утверждённых отраслевых особенностей категорирования объектов КИИ.

Одновременно положения формируют предпосылки для пересмотра подходов к регулированию самописного ПО — ПО, разработанного для собственных н…

Российские системы виртуализации в 2026 году вышли на новый уровень, превратившись из инструментов импортозамещения в полноценные конкурентные решения.

По его мнению, виртуализация — это общий термин, который включает в себя частные и гибридные облака, платформы виртуализации и гиперконвергентные системы, где каждый ищет свою нишу.

Он подчеркнул необходимость взаимодействия как с ИТ-специалистами, так и с отделом безопасности.

Основным драйвером станет запрос на целостные экосистемы, а не на отдельные точечные решения».

Внимание рынка сместится с самой виртуализации на новые технологические горизонты — будь то расширение её возможностей или создание принципиально новых решений.

Роль ИИ в аналитике безопасности, будущее SOAR, эволюция SIEM и NDR, перспективы рынка коммерческих SOC в России на фоне импортозамещения.

Что такое классический SOC и почему он переживает кризисЦентр мониторинга безопасности (SOC) долгое время был основой корпоративных систем защиты.

Мировой рост внедрения ИИ в индустрию информационной безопасности с 2017 по 2030 годЭволюция инструментальной экосистемы: SIEM, NDR, EDRРеализация подхода Post-SOC требует фундаментальной перестройки всего технологического стека безопасности.

Это формирует уникальные сценарии развития как для вендоров, так и для компаний-заказчиков.

ВыводыТрансформация классических центров мониторинга безопасности в интегриров…

Итоги года и выводы, которые обязательно надо учесть.

В 2025 году компании всё чаще сталкивались с ситуацией, когда технический инцидент перерастал в юридический и репутационный кризис.

ТрендыТренд 2025 года — появление атак, выполненных практически полностью с помощью нейросетей (искусственного интеллекта) почти без участия человека.

ВыводыИтоги 2025 года показывают: веб-приложения стали одной из самых уязвимых точек цифрового бизнеса и одновременно самым быстрым каналом нанесения прямого финансового ущерба.

В условиях 2025 года инвестиции в зрелую защиту веб-приложений напрямую поддерживают устойчивость бизнеса.

Мифы и реальность удаления аккаунта в TelegramМиф первый: Аккаунт пользователя в Telegram можно восстановить после удаленияНа самом деле, если удалить аккаунт пользователя в сети Telegram, это будет окончательным и необратимым действием для него.

Недавно в пользовательских чатах прошло сообщение, что в Telegram возможна кража учётных данных пользователя (например, через фишинг).

Всё это время активная сессия злоумышленника якобы остаётся валидной, и Telegram не предоставляет возможности законному владельцу принудительно сбросить все активные сессии.

Однако убедиться в этом мы не смогли, потому что Telegram не позволяет прочитать описание проблемы в своей базе.

Создание закрытого частного об…

В конце 2025 года появились прогнозы, по которым в наступившем 2026 году стоит ждать значительного роста интереса к облачным сервисам со стороны российских компаний.

Однако темпы роста облачных сервисов существенно опережают мировые (29,5 % в России против 20 % в мире по итогам 2025 года).

Банк России также включил развитие облачных сервисов в приоритеты развития финтеха и запустил пилот «Банк в облаке».

2 и 3), причём как в рублёвом, так и в валютном выражении.

Это обстоятельство стало одним из основных драйверов роста для облачных сервисов в России и не только.

Он интересуется, почему же эти атаки продолжают быть успешными и что отрасли следует делать иначе.

При этом он подчёркивает, что в основе защиты веба и API лежит чёткое определение и распределение зон ответственности внутри компании.

Второй шаг — выбор инструментов следующего поколения, которые обеспечивают глубокий анализ и понимание поведения пользователей на всех уровнях, как в веб-интерфейсе, так и в API.

Потерять результат многолетней тонкой настройки политик WAF из-за аппаратного сбоя или человеческой ошибки — это не просто обидно, это прямая угроза бизнесу».

Необходимо выбирать инструменты, способные анализировать и выявлять паттерны поведения не только на уровне веб-интерфейса, но и…

Эксперты по кибербезопасности обсудили актуальные угрозы 2026 года и стратегии построения эффективной обороны — как противостоять массовым атакам и точечным взломам.

Повсеместная автоматизация, доступность хакерских сервисов в даркнете и интеграция искусственного интеллекта в атакующие и защитные инструменты стёрли грань между традиционными и продвинутыми угрозами.

Согласно современным стандартам, для фронтенда актуально более 70 специфических угроз, и для их эффективного выявления и нейтрализации требуются специализированные решения, ориентированные именно на безопасность клиентской части приложений.

Первый и самый массовый — это автоматизированные сканирующие боты, которые многие компании…

В госсекторе и сфере критической информационной инфраструктуры (КИИ) эта доля, конечно, ниже, но в бизнесе и особенно среди индивидуальных пользователей удельный вес Windows превышает 90 %.

Будет как минимум не лишним знать код ошибки для обращения в службу технической поддержки.

Ошибки файловой системы или дисковых устройствО возникновении проблем с файловой системой свидетельствуют ошибки 0x00000023 (файловая система FAT), 0x00000024 (NTFS), и 0x0000004C (ошибки загрузки системного реестра).

Ошибки в работе драйверов, системных служб и библиотекОшибки с кодом 0×0000001E: KMODE_EXCEPTION_NOT_HANDLED с кодом исключения 0xC000026C является одной из самых распространённых.

Проблемы с видеосис…

Чтобы предотвратить слив, важно понимать, как формируются внутренние риски, по каким признакам можно заметить подготовку утечки и на каких этапах можно её предотвратить.

Понимание того, почему и как формируется внутренний риск, позволяет сместить фокус с реакции на инцидент к его предотвращению.

Для этого важно рассматривать утечку не как разовое событие, а как процесс с понятной логикой, этапами и наблюдаемыми признаками.

Что делает клиентскую базу уязвимойЛюбая компания работает с разными видами информации: базами клиентов, контактами подрядчиков, маркетинговыми планами, договорами и так далее.

Передача конкурентуБаза даёт конкуренту понимание того, какие клиенты, на каких условиях и с ка…

А в декабре модуль памяти в 32 ГБ стоил как хорошая игровая приставка или новый ноутбук в не самой слабой комплектации.

Вслед за подорожанием памяти и процессоров начали повышать цены вендоры оборудования.

Но такая ситуация возникает на рынке не в первый раз, и в целом есть понимание, как будет разворачиваться ситуация.

Чего ждать в ближайшие годыВо многом последствия будут такие же, как в 1980-х.

В долгосрочной перспективе ускорится переход к более эффективным и лёгким библиотекам и фреймворкам и построенным на их основе микросервисным архитектурам на базе легковесных образов контейнеров».

Он в целом более стандартизован и типизирован, и методы киберпреступников таковы, что позволяют их использовать в отношении любых людей, в том числе абсолютно незнакомых.

В 2025 году, по оценке частного детектива Егора Гросмана, количество случаев шантажа в отношении жителей России выросло как минимум на 20 %.

В дальнейшем таких сотрудников могут использовать не только как источник данных, но и как активных участников атаки».

Юрист по судебным спорам компании «Интеллект-Право» Анастасия Тарасенко при этом призывает не грубить и не оскорблять злоумышленника.

Такие технологии существуют и для мессенджеров, например специальные боты для Telegram и встроенные средства «Семейная защита» для Max.

Чем больше новых возможностей появляется в ПО, особенно в сфере ИИ, тем дороже обходится «железо» под него.

Каждая система обрабатывает огромные массивы данных и анализирует их: это уже ресурсозатратные процессы, требующие большой вычислительной нагрузки.

Повлиять на стоимость аппаратных компонентов мы как производитель ПО не можем.

Такой подход, в том числе, позволил реализовать ту самую технологию гибридного хранения данных — и это стало залогом роста аналитических возможностей.

Освобождённые за счёт оптимизации ресурсы — это и есть пространство для развития продукта, которое не бьёт по бюджету.

4 февраля эксперты «Лаборатории Касперского» опубликовали результаты собственного расследования, в котором выяснили, что происходило с жертвами атаки и как долго угроза была активной.

Второй вывод: решения «Лаборатории Касперского» успешно остановили данные атаки, несмотря на доставку вредоносного кода через «доверенный» канал обновления легитимного ПО.

Упомянутый выше третий вариант атаки с BluetoothService.exe был зафиксирован в начале октября, а в середине октября отмечались попытки заражения с более ранним вариантом атаки, использующим интерпретатор Lua.

Любопытно, что в апдейте от 5 февраля разработчики Notepad++ в качестве радикальной меры рекомендуют корпоративным пользователям устан…

Итог: мобильную связь в стране запретили полностью на несколько летКванмён: Интернет, который не интернетВместо глобальной сети в КНДР создали «Кванмён».

Система авторизует устройство в Wi-Fi сети только через мобильный IDЭто идеальная система тотального надзора: государство знает, кто, откуда и с какого устройства зашел в сеть.

Потому что игровые серверы часто сидят на тех же CDN, что и неугодные ресурсы.

ТСПУ не разбирается он просто выключает куски магистралейПротокольная дискриминацияТСПУ научился распознавать Shadowsocks, WireGuard и OpenVPN.

Да, через B-Checker или кастомные WireGuard-конфиги его еще можно завести, но для обычного работяги это превращается в квест на выжевание5.

Многие думают: «У меня не банк, просто телефоны клиентов в Excel или в блокноте».

Бизнес собирает данные клиентов через форму на сайте или в CRM, но не подал уведомление в Роскомнадзор о том, что является оператором персональных данных.

Данные автоматически сохраняются на серверах за рубежом, что нарушает требование о первичной записи персональных данных на территории России.

Не храните данные в открытых местах — не в общих чатах Telegram, не в облачных папках с доступом по ссылке.

Повторная крупная утечка грозит оборотным штрафом: от 1 до 3% годовой выручки, но не менее 20 миллионов и не более 500 миллионов рублей.

Как сеть Kaspersky SD-WAN среагирует на такие события, и будем разбираться в этой статье.

Описание тестового стенда и ограниченияДля целей тестирования в нашей лаборатории была развернута сеть, состоящая из двух SD-WAN CPE:Kaspersky SD-WAN ESR (R) Model 1 (железка с LTE модемом и 5ю Ethernet портами) на стороне клиента IPERF;Kaspersky SD-WAN Virtual M1 развернутый в «облаке» на гипервизоре, на стороне сервера IPERF.

Такой механизм до сих пор дает максимальный уровень стабильности (и для версии 2.5), но добавляет «ручной» работы по оптимизации.

Версия Kaspersky SD-WAN 2.5 принесла новый функционал динамического изменения веса канала (линка) на основе потерь, зафиксированных в этом канале.

Ст…

Часть антивирусов уже обновила ПО под определение этого трояна, клиентам советуют запустить внеплановую проверкуДИСКЛЕЙМЕР: описан лишь один случай, может быть у вас ситуация будет другая.

Плюс как нам сообщили, такие стилеры сейчас настолько продвинутые, что они не обнаруживаются никакими антивирусами, а после выполнения он обычно удаляется, так что вы даже не поймёте, что у вас что-то украли.

Например, вы сидели с телефона, вас выкидывает, и друзья начинают вам массово звонить и говорить, что вас взломали.

Зайдите на это устройство, у вас там сессия/сеанс сохранится, вы будете в аккаунте.

Не покупайте комп на винде и не выходите в интернетНа всякий случай установите хороший антивирус, пла…

В январе 2026 года мы зафиксировали кампанию, в которой злоумышленники маскируются под государственное ведомство и параллельно используют легенду службы доставки.

Собеседник запросил Ф. И. О. и номер телефона отправителя и получателя, после чего предоставил новую ссылку на оплату.

Ключевое отличие — в платежной части: форма и шлюз подменены, а сценарий оплаты настроен так, чтобы перевод уходил в пользу злоумышленников, а не в адрес реального сервиса.

В июле 2025 года в профиле была размещена фотография, связанная со СДЭК.

Даже если письмо оформлено как госуведомление, переход на сторонний домен, не связанный с официальной инфраструктурой и с темой текста, требует дополнительной проверки.

Модель не различает инструкции и данные, уверенно следует конфликтующим указаниям и не способна оценивать истинность своих ответов.

Как и в случае с традиционным ПО, своевременные обновления и патчи помогают приложениям на базе LLM опережать злоумышленников.

Однако выходные данные LLM столь же вариативны, как и входные, поэтому выходные фильтры подвержены как ложным срабатываниям, так и пропускам угроз.

Этот принцип применим как к самим приложениям, так и к их пользователям.

Если вы работаете с LLM не как с игрушкой, а как с частью процессов, стоит прокачать «инженерию запросов» до уровня навыка.

Все больше людей узнает о понятии SSDLC (Secure Software Development Life Cycle) или безопасный жизненный цикл разработки ПО.

Каждый желающий может найти в Интернете популярный фреймворк, например, OWASP SAMM, и обнаружить там множество best practices, направленных на построение SSDLC, и проверить наличие таких практик в команде разработки.

Уровень зрелости процессов разработкиУровень зрелости процессов разработки (УЗ) ПО — это характеристика, отражающая полноту выполнения лучших практик по каждому процессу БРПО.

Так, в BSIMM определено 3 УЗ, 12 процессов и 128 практик, в OWASP SAMM 3 УЗ, 15 процессов и около 90 практик, а в DSOMM 5 УЗ, 19 процессов и почти 190 практик.

Кроме того, ряд комп…

Passkeys сохраняются в Passwords.app, Google Password Manager и в локальной учетной записи Windows, не привязанной к учетной записи Microsoft.

Но поскольку passkeys не единственный способ, то это не особо напрягаетИтого:Пароли - 4 копии рабочих + бэкапOTP - 4 независимых копии?

Сменили номер - прощайте passkeys Т-Банк Да Да МТС Да Да Аккаунт НЕСМЕНЯЕМО привязан к номеру телефона.

Cloud.RU Да Да частично Passkeys - через Сбер ID ВК Да Да Да Конфликт в некоторых сервисах между учетной записью сервиса привязанной к адресу @mail.ru и учетной записью VK ID Яндекс Да Да Да Не люблю яндекс.

Авито Да Еще одни любители второго фактора через СМС СберМобайл Всё через ... Сбер ID VK cloud Да Да Сбербан…

ПредисловиеНа практике NCALayer нередко устанавливается «успешно», но без нужных модулей:ЭЦП не определяется, внешние системы не работают, а повторная установка не помогает.

Из практики без проблем вшивались:esf-signer.jarRaiting1c_edoBundle.jarФайлы добавляются напрямую в архив, без распаковки и без изменения структуры.

Что нужно удалить перед запускомПеред первым запуском модифицированного клиента необходимо очистить кэш:Удаляются каталоги:bundles ncalayer-cache jreПосле этого запускаем модифицированный NCALayer.exe — модули будут подхвачены корректно.

→ AppData\Roaming\NCALayercalayer.logИтогЭто не взлом и не обход защиты, а использование внутренней логики NCALayer.

Метод неофициальный, …

SD-WAN по сути, а не по маркетингуSD-WAN строит логическую «прослойку» над WAN: трафик управляется политиками (приложение, пользователь, филиал, SLA), а не отдельными статическими маршрутами и туннелями.

В VPN вы сами следите за состоянием каналов, в SD‑WAN контроллер или устройство постоянно мониторит SLA (задержка, потери, доступность) и автоматически перепрокладывает трафик.

В VPN добавление нового филиала = новые туннели и ручная маршрутизация; в SD‑WAN — подключение узла к общей политике, часто с «нулевым касанием» на площадке (ZTP).

Что уже умеют современные NGFW для SD‑WAN и VPNРазберем на примере Ideco NGFW.

Что добавится в Ideco NGFW + SD‑WAN весеннем релизе 2026 годаПосле мартовск…

Prompt Worms Часть 2: Я проверил на практике — 31 уязвимость в экосистеме AI-агентаЭто продолжение статьи «Prompt Worms: Как агенты стали новыми переносчиками вирусов».

Баг в OAuth конфигурации спас пользователей от самих себя.

Они документируют 6 attack chains, включая «Malicious Skill Full Kill Chain» и «Prompt Injection to RCE».

Если завтра появится skill, который реально работает и содержит prompt injection в SKILL.md — все установившие его агенты скомпрометированы.

Баги ≠ ЗащитаСломанный OAuth в SendClaw случайно блокирует OAuth CSRF и автономную email-рассылку.

;ряд программ crypt , которые поставлялись с ранними версиями Unix;схема шифрования паролей, которая в основных чертах применяется до сих пор.

История создания механизма паролей (с шифрованием) наиболее интересна, потому что Моррис и Томпсон заложили фундамент современной информационной безопасности.

Деннис Ритчи известен как соавтор языка программирования С и ОС Unix.

В научной статье Томпсон и Моррис описывают основные подходы к разработке схемы шифрования паролей и архитектуру системы, которая получилась в итоге.

В ней пароль использовался не как текст для шифрования, а как ключ, и с помощью этого ключа была зашифрована константа.

В Windows NTLM реализован с помощью Security Support Provider Interface (SSPI) – это набор SSP, которые предназначены для работы с протоколами аутентификации, например, NTLM или Kerberos.

Все остальные поля NTLM-сообщений и процесс обмены сообщениями одинаковы как для первой, так и для второй версии.

Версии протокола никак не согласуются самим NTLM, о версии NTLM должны договариваться протоколы, пользующиеся услугами NTLM.

Затем сервер расшифровывает его, и с помощью него как клиент, так сервер могут подписывать и шифровать сообщения друг для друга.

ЗаключениеВ данной статье мы с вами достаточно глубоко погрузились в работу протокола NTLM, узнали об атаке NTLM Relay, выяснили, какие механиз…

Компания Anthropic сообщила, что ее новейшая языковая модель Claude Opus 4.6 обнаружила свыше 500 ранее неизвестных серьезных уязвимостей в опенсорсных проектах, включая Ghostscript, OpenSC и CGIF.

ИИ дали доступ к стандартным инструментам (отладчикам и фаззерам) и поставили задачу искать уязвимости в опенсорсных проектах.

OpenSC — LLM изучила вызовы функций вроде strrchr() и strcat(), и обнаружила проблему переполнения буфера.

LLM изучила вызовы функций вроде strrchr() и strcat(), и обнаружила проблему переполнения буфера.

CGIF — в библиотеке была найдена уязвимость переполнения буфера хипа, которую исправили в версии 0.5.1.

Фотохостинг Flickr предупредил пользователей о возможной утечке данных.

Проблема возникла из-за уязвимости в системах стороннего провайдера почтовых рассылок, и злоумышленники сумели получить доступ к именам, адресам электронной почты и другой информации о подписчиках сервиса.

Основанный в 2004 году, Flickr остается одним из крупнейших фотохостингов в мире: на платформе размещено свыше 28 млрд фотографий и видео.

Во Flickr не раскрывают, какой именно провайдер почтовых рассылок пострадал от атаки, а также не сообщают, скольких пользователей затронул этот инцидент.

Известно лишь, что среди потенциально скомпрометированных данных были:имена пользователей,email-адреса,никнеймы на Flickr,типы а…

Справка: сканирование портовСка­ниро­вание пор­тов — стан­дар­тный пер­вый шаг любой ата­ки.

На осно­ве этой информа­ции выбира­ется сле­дующий шаг к получе­нию точ­ки вхо­да.

#!/ bin/ bash ports = $( nmap -p- --min-rate = 500 $1 | grep ^[ 0- 9] | cut -d '/ ' -f 1 | tr ' ' ', ' | sed s/, $/ / ) nmap -p $ports -A $1Он работа­ет в два эта­па.

Сна­чала запус­кает­ся обыч­ное быс­трое ска­ниро­вание, затем — более тща­тель­ное, с исполь­зовани­ем име­ющих­ся скрип­тов (опция -A ).

Под­робнее о работе с Nmap читай в статье «Nmap с самого начала.

Напомним, что недавно эксперты из компании Koi Security подсчитали, что с 27 января по 1 февраля в ClawHub и на GitHub появилось более 230 вредоносных навыков для OpenClaw.

Чуть позже специалисты Bitdefender Labs пришли к выводу, что порядка 17% всех навыков для OpenClaw, опубликованных и проанализированных в феврале 2026 года, являются вредоносными.

Как теперь сообщили разработчики OpenClaw Петер Штайнбергер (Peter Steinberger), Джеймисон О'Рейли (Jamieson O'Reilly) и Бернардо Кинтеро (Bernardo Quintero), проект договорился о сотрудничестве с VirusTotal.

В OpenClaw признают: мощные возможности навыков (которые позволяют ИИ-агенту управлять умным домом, финансами и так далее) могут использо…

Исследователи Cisco Talos обнаружили Linux-фреймворк DKnife, который как минимум с 2019 года используется для перехвата трафика на уровне сетевого оборудования.

Вредонос внедряется на роутеры и шлюзы, где следит за проходящим трафиком, подменяет пакеты и доставляет малварь на устройства пользователей.

Фреймворк работает как инструмент для постэксплуатации и используется для проведения атак типа man-in-the-middle (MitM).

Исследователи пишут, что обнаружили в коде DKnife элементы на упрощенном китайском языке — в названиях компонентов и в комментариях.

К тому же, между DKnife и Spellbinder прослеживаются совпадения в тактиках и техниках атак.

Южнокорейская криптовалютная биржа Bithumb случайно отправила своим пользователям 620 000 биткоинов (около 40 млрд долларов США) вместо небольших промовыплат.

Вечером 6 февраля 2026 года на бирже Bithumb запустили обычную промоакцию с символическими призами — около 2000 вон (примерно 1,4 доллара США).

Резкий всплеск предложения обрушил цену BTC на Bithumb примерно на 17% по сравнению с другими площадками, хотя внутреннее падение длилось недолго.

Bithumb заявила, что восстановила уже 99,7% от ошибочно отправленных пользователям 620 000 BTC.

Дело в том, что это не первый случай, когда Bithumb привлекает внимание властей и СМИ, а также страдает от хакерских атак.

— И что нам это даст?

Ки­рилл на мгно­вение пред­ста­вил себе, как Ваня пот­рошит чужой сайт с исполь­зовани­ем сво­его вол­шебно­го ком­пакт‑дис­ка «Всё для хакера!

— На что спо­рим‑то?

Ки­рилл, все еще улы­баясь от уха до уха, мол­ча пожал про­тяну­тую парень­ком ладонь.

Ки­рилл не спе­шил отве­чать.

Ведущий редактор «Хакера» Валентин Холмогоров написал продолжение романа «Хакеры.RU», и мы уже готовим книгу к печати.

«Белый хакер» — это история о тех, кто взрослел вместе с цифровым миром.

О чем книгаКирилл остался один — без команды, без поддержки, но с багажом знаний, способных менять правила игры.

«Белый хакер» — это история об эпохе компьютерных клубов, подпольных форумов и хакеров, способных менять правила игры.

Читать сейчасЕсли ты еще не знаком с этой историей — каждую субботу на сайте публикуется новая глава романа.

Эксперты «Лаборатории Касперского» опубликовали исследование новой кампании хак-группы Stan Ghouls (она же Bloody Wolf), которая с конца 2025 года атакует организации в СНГ (в первую очередь в Узбекистане, но также в России и Казахстане).

Раньше основным инструментом группы был коммерческий RAT STRRAT (он же Strigoi Master), но в 2025 году хакеры переключились на легитимное ПО для удаленного управления — NetSupport.

При этом сам набор инструментов остается прежним — уникальный загрузчик на Java и NetSupport RAT.

Загрузчик также добавляет RAT в автозапуск тремя способами: через папку Startup, реестр и планировщик задач.

По информации экспертов, от последней кампании группы пострадали около 5…

В платформе для автоматизации рабочих процессов n8n обнаружили критическую уязвимость, позволявшую выполнять произвольные команды на стороне сервера.

Проблема, получившая идентификатор CVE-2026-25049 (9,4 балла по шкале CVSS), затрагивает механизм песочницы, который должен изолировать выполнение JavaScript-выражений в рабочих процессах.

Фактически баг позволяет обойти патч для другой критической проблемы — CVE-2025-68613 (9,9 балла по шкале CVSS), которую разработчики n8n исправили в декабре 2025 года.

Если у вас есть доступ к созданию рабочих процессов, вы можете захватить контроль над сервером», — пишут в Pillar Security.

Более того, так как n8n работает в мультитенантной среде, доступ к …

Confluence — не прос­то кор­поратив­ная база зна­ний, а еще и удоб­ная точ­ка опо­ры для хакера в орга­низа­ции.

В этой статье мы раз­берем акту­аль­ный при­мер «ата­ки у водопоя» с внед­рени­ем JS-бэк­дора в основную фор­му аутен­тифика­ции Confluence.

Эта статья выш­ла в свет в том чис­ле бла­года­ря Ива­ну Балашо­ву — идей­ному вдох­новите­лю абь­юза Custom HTML в Confluence.

Легитимные возможности на вооружении у хакераЗнал ли ты, что фун­кция добав­ления поль­зователь­ско­го HTML (Custom HTML) в нас­трой­ках адми­нис­тра­тора впер­вые появи­лась в вер­сии Confluence 2.1.5, выпущен­ной 16 мар­та 2006 года?

Внед­рив JS-бэк­дор в стра­ницу аутен­тифика­ции, мы получа­ем дос­туп к акту­аль…

Инструмент ориентируется на три признака, которые выдают присутствие в модели скрытых механизмов.

Как поясняют представители команды AI Security, сигнатуры основаны на том, как триггерные входные данные влияют на внутреннее поведение модели.

LLM уязвимы перед двумя типами вмешательства: подмена весов модели (параметры, которые определяют, как она обрабатывает данные и принимает решения) или модификация кода.

Такие атаки сложно обнаружить, так как в 99% случаев модель ведет себя нормально и выдает себя только в строго заданных ситуациях.

Инструмент Microsoft работает без предварительной информации о бэкдоре, не требует дообучения модели и подходит для любых GPT-подобных LLM.

Представители криптовалютной биржы Coinbase подтвердили утечку данных пользователей, произошедшую на стороне подрядчика.

В компании заявили, что злоумышленники получили доступ к информации примерно 30 клиентов.

В компании подчеркнули, что этот подрядчик больше не работает с Coinbase.

Тогда хакеры подкупили двух сотрудников индийской аутсорсинговой компании TaskUs и в результате получили доступ к данным почти 70 000 пользователей биржи.

Стоит отметить, что в прошлом году Scattered Lapsus$ Hunters подкупила сотрудника компании CrowdStrike, чтобы тот предоставил скриншоты внутренних систем.

Аналитики DataDog Security Labs обнаружили вредоносную кампанию, в рамках которой злоумышленники проникают на серверы Nginx и перенаправляют трафик пользователей в свою инфраструктуру.

Дело в том, что proxy_pass применяется для балансировки нагрузки, и Nginx действительно использует ее, чтобы распределять запросы между бэкенд-серверами.

Для проведения атак хакеры задействуют автоматизированный инструментарий, который внедряет изменения в конфигурации в пять этапов.

Пятый этап (ok.sh) — сканирует скомпрометированные конфигурации Nginx для создания списка захваченных доменов, используемых шаблонов инъекций и прокси-целей.

Хакеры не эксплуатируют уязвимости в Nginx и скрывают вредоносные инстр…

Сообщается, что еще в октябре 2025 года хакеры похитили адреса электронной почты, номера телефонов и служебные метаданные.

Как пишет глава компании Крис Бест (Chris Best) в письме пострадавшим, злоумышленники получили доступ к ограниченному набору пользовательских данных, и учетные данные и финансовая информация не пострадали.

Пока представители Substack не раскрывают количество пострадавших пользователей, однако на хак-форуме BreachForums уже появился дамп, содержащий 697 313 записей.

Представители Substack заявили, что уязвимость, которую использовал злоумышленник, уже устранена, и призывали пользователей сохранять бдительность в свете возможных фишинговых атака с использованием похищенно…

The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector.

"UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said.

"All four of Singapore's major telecommunications operators ('telcos') – M1, SIMBA Telecom, Singtel, and StarHub – have been the target of attacks."

The development comes more than six months after Singapore's Coordinating Minister for National Security, K. Shanmugam, accused UNC3886 of striking high-value strategic threat targets.

CSA said it mounted a cyber operation dubbed CYBER GUARDIAN to counter …

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets.

In the attacks detected by Microsoft, successful exploitation of the exposed SolarWinds WHD instance allowed the attackers to achieve unauthenticated remote code execution and run arbitrary commands within the WHD application context.

The attackers followed it up with a series of actions -Enumerated sensitive domain users and groups, including Domain Admins.

Used DLL side-loading on some hosts by using "wab.exe," a legitimat…

As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths.

AISURU/Kimwolf has also been linked to another DDoS campaign codenamed The Night Before Christmas that commenced on December 19, 2025.

In all, DDoS attacks surged by 121% in 2025, reaching an average of 5,376 attacks automatically mitigated every hour.

AISURU/Kimwolf has also been linked to another DDoS campaign codenamed The Night Before Christmas that commenced on December 19, 2025.

In all, DDoS attacks surged by 121% in 2025, reaching an average of 5,376 attacks automatically mitigated every hour.

Why do SOC teams keep burning out and missing SLAs even after spending big on security tools?

Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the workflow, but giving their teams faster, clearer behavior evidence from the start.

Starting with Sandbox-First Investigation to Cut MTTR at the SourceThe fastest way to reduce MTTR is to remove the delays baked into investigations.

Manually replaying these steps costs time and attention, exactly what SOC teams don’t have.

Giving the team this dual approach, automation plus interactivity, means the following for CISOs: faster response, lower workload, and more SOC capacity, without adding headcount.

The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.

The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks against manufacturing, finance, and IT sectors in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan.

The campaign is estimated to have claimed about 50 victims in Uzbekistan, with 10 devices in Russia also impacted.

The use of Kitsune was also linked to a threat cluster known as Sneaky Wolf (aka Sneaking Leprechaun) by BI.ZONE.

The end goal of the attacks is to deploy Tor and OpenSSH so as to facilitate persistent remote access.

Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.

The campaign has been attributed to a threat cluster known as TeamPCP (aka DeadCatx3, PCPcat, PersyPCP, and ShellForce).

TeamPCP is known to be active since at least November 2025, with the first instance of Telegram activity dating back to July 30, 2025.

TeamPCP is said to function as a cloud-native cybercrime platform, leveraging misconfigured Docker APIs, Kubernetes APIs, Ray dashboards, Redis servers, and vulnerable React/Next.js applications as main infection pathways to breach modern cloud infr…

This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service .

The block will expire shortly after those requests stop.This traffic may have been sent by malicious software, a browser plug-in, or a script that sends automated requests.

If you share your network connection, ask your administrator for help — a different computer using the same IP address may be responsible.

Learn more Sometimes you may see this page if you are using advanced terms that robots are known to use, or sending requests very quickly.

OpenClaw also said all active skills are re-scanned on a daily basis to detect scenarios where a previously clean skill becomes malicious.

That said, OpenClaw maintainers also cautioned that VirusTotal scanning is "not a silver bullet" and that there is a possibility that some malicious skills that use a cleverly concealed prompt injection payload may slip through the cracks.

The development comes in the aftermath of reports that found hundreds of malicious skills on ClawHub, prompting OpenClaw to add a reporting option that allows signed-in users to flag a suspicious skill.

When you install a malicious agent skill, you're potentially compromising every system that agent has credentials for…

"The focus is on high-ranking targets in politics, the military, and diplomacy, as well as investigative journalists in Germany and Europe," the agencies said.

"Unauthorized access to messenger accounts not only allows access to confidential private communications but also potentially compromises entire networks."

Rather, the end goal is to weaponize its legitimate features to obtain covert access to a victim's chats, along with their contact lists.

To stay protected against the threat, users are advised to refrain from engaging with support accounts and entering their Signal PIN as a text message.

"In each affected facility, a FortiGate device was present, serving as both a VPN concentrato…

Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019.

The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices.

Functions of seven DKnife componentsUnlike WizardNet, DKnife is engineered to be run on Linux-based devices.

Its modular architecture enables operators to serve a wide range of functions, ranging from packet analysis to traffic manipulation.

The discovery of the DKnife framework highlights the advanced capabilities of modern A…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months.

Edge devices is an umbrella term that encompasses load balancers, firewalls, routers, switches, wireless access points, network security appliances, Internet of Things (IoT) edge devices, software-defined networks, and other physical or virtual networking components that route network traffic and hold privileged access.

"Persistent cyber threat actors are increasingly ex…

A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.

In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155 countries between November and December 2025.

The activity is being tracked by the cybersecurity company under the moniker TGR-STA-1030, where "TGR" stands for temporary threat group and "STA" refers to state-backed motivation.

"The group routinely leases and configures its C2 servers on infrastructure o…

As you know, enterprise network security has undergone significant evolution over the past decade.

Samsung Knox Firewall offers granular controlChange my mind: Most mobile firewalls are blunt instruments.

That’s where the Samsung Knox Zero Trust Network Access (ZTNA) framework comes in.

For organizations with existing VPN infrastructure, the Samsung Knox ZTNA framework enables a gradual migration path.

Because Samsung Knox is built into Samsung Galaxy devices, you skip the chaos of multiple agents, vendors, and integrations.

In the case of npm, the malicious code acts as a cryptocurrency wallet stealer that siphons seed phrases and device information.

The Python package, on the other hand, also incorporates a remote access trojan (RAT) along with the wallet stealer functionality.

This is not the first time the dYdX ecosystem has been the target of supply chain attacks.

"Viewed alongside the 2022 npm supply chain compromise and the 2024 DNS hijacking incident, this attack highlights a persistent pattern of adversaries targeting dYdX-related assets through trusted distribution channels," Socket said.

"Sophisticated attackers are moving upstream into the software supply chain because it provides a deep, low-noise …

Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.

Claude Opus 4.6, which was launched on Thursday, comes with improved coding skills, including code review and debugging capabilities, along with enhancements to tasks like financial analyses, research, and document creation.

Some of the security defects that were flagged by Claude Opus 4.6 are listed below.

The company has pitched AI models like Claude as a critical tool for defenders to "level the playing field."

The disclosure comes week…

Fake appsMobile apps masquerading as official Winter Olympics apps may actually contain infostealing malware or other threats.

Staying safe from Winter Olympics scamsTo stay safe online, stick to the official Winter Olympics sites and don’t engage with unsolicited messages and too-goo-to-be-true deals.

Avoid clicking on links or opening attachments in unsolicited messages, even if they appear to be from legitimate Winter Olympics organizers/sponsors.

If you’re going to the event, download the official Olympics app for schedules, maps, and digital tickets.

The XXV Winter Olympic Games in Milano-Cortina is set to be a treat for sports fans around the world.

The trends that emerged in January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the yearThe year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to face in the months ahead.

It's therefore time for ESET Chief Security Evangelist Tony Anscombe to look back on some of the month's most impactful cybersecurity stories.

Here's some of what caught Tony's eye:What are some of the lessons businesses should take away from these incidents?

Be sure to check out the video, as well as watch the December 2025 edition of Tony's security news roundup for more news…

Key points of the report: ESET researchers identified new data-wiping malware that we have named DynoWiper, used against an energy company in Poland.

We attribute DynoWiper to Sandworm with medium confidence, in contrast to the ZOV wiper, which we attribute to Sandworm with high confidence.

However, since the start of Russia’s full-scale invasion of Ukraine, Sandworm has changed its tactics regarding targets in Poland.

In December 2025, we detected the deployment of a destructive malware sample, which we named DynoWiper, at an energy company in Poland.

Interestingly, during the analysis of the ZOV wiper incident, we identified a newer PowerShell script used to deploy the ZOV wiper.

The campaign uses a malicious app posing as a chat platform that allows users to initiate conversations with specific “girls” – fake profiles probably operated via WhatsApp.

While we don’t know how the malicious app is distributed, we assume that this exclusivity tactic is used as part of the lure, with the purported access codes distributed along with the app.

GhostChat, the malicious app used in the campaign, poses as a dating chat platform with seemingly locked female profiles.

Once the app is installed, its operators can monitor, and exfiltrate sensitive data from, the victim’s device.

This action triggered ClickFix instructions, as seen in Figure 11, which led to the download and execu…

10 reasons your inbox is full of spam and/or scamsEmail spam can range from pesky, unsolicited missives sent in bulk to the downright dangerous and malicious (phishing messages and malware delivered via spam and also known as ‘malspam’).

They then post or sell that data on cybercrime forums/marketplaces, where others buy it for use in phishing emails.

If they manage to achieve a breakthrough that bypasses spam filters, expect unwanted messages to start flooding in.

What not to doIt’s also best practice never to:Avoid clicking on ‘unsubscribe’ or replying to a spam email, as this will verify your address to the sender.

Reset your email security settings or lower spam ‘sensitivity’ levels.

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiperIn late 2025, Poland’s energy system faced what has been described as the “largest cyberattack” targeting the country in years.

ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

Meanwhile, the attack on Poland’s power grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper.

In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they spotted Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.

ESET Research offer…

AI chatbots have become a big part of all of our lives since they burst onto the scene more than three years ago.

A similar share of parents is worried their kids think AI chatbots are real people.

Our children use generative AI (GenAI) in diverse ways.

Children are going through an incredible period of emotional and cognitive development, making them vulnerable in various ways.

The onus, therefore, is definitely on parents to get ahead of any threats through proactive monitoring and education.

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step aheadApple Pay is clearly a hit with consumers.

Here are some common scams targeting Apple Pay users.

Top six scams targeting Apple Pay usersApple Pay scammers are usually after your financial information, your money or your Apple ID and logins/2FA codes.

Or it could be a fake story about how your Apple Pay account has been suspended, your card was added to Apple Pay or similar pretexts.

First, take a moment to recognize the most common red flags and Apple Pay scams, as listed above.

A full 25 percent of the top 1,000 most-used passwords are made up of nothing but numerals.

This is according to NordPass’ analysis, which is based on billions of leaked passwords and sheds light on password trends among people in 44 countries.

Same old, same oldUsing an easily-guessable password is tantamount to locking the front door of your house with a paper latch.

Weak, obvious, or reused passwords can expose not only individual employees, but entire organizations, their customers, and their partners.

But if your own passwords appear on either list above, improving your account security should be one of the most important of them.

It may be the most recent high-profile case of threat actors abusing LinkedIn to further their own nefarious goals.

It’s easy to get up and running: For threat actors, the potential ROI for attacks using LinkedIn is massive.

Account hijacking : Fake LinkedIn (phishing) pages, infostealers, credential stuffing and other techniques can be used to help threat actors takeover users’ accounts.

: Fake LinkedIn (phishing) pages, infostealers, credential stuffing and other techniques can be used to help threat actors takeover users’ accounts.

However, it would make sense to build LinkedIn threat scenarios of the sort described above into security awareness courses.

New legislation in Australia makes it illegal for those under 16 to have a social media account.

To avoid financial penalties, social media companies have scrambled to remove accounts they believe breach the legislation.

As 2026 has just begun, this also sparks a broader question for internet users and regulators alike: will this be the year the world rethinks identity online?

Unless an app or service is operated by a regulated company that requires identity verification, people are free to create accounts on many services using any identity they desire.

I am not suggesting that all services need to have verified users.

Contrary to popular belief, much of the dark web isn’t the den of digital iniquity that some commentators claim.

involve the large-scale theft of customer/employee information, which then usually appears for sale on the dark web.

If you unwittingly click through and enter your information on a phishing site, it could end up being sold on the dark web.

If you unwittingly click through and enter your information on a phishing site, it could end up being sold on the dark web.

Finally, sign up to identity protection services and sites like HaveIBeenPwned, which will alert you when any PII appears on the dark web.

Indeed, credential stuffing is the digital equivalent of someone discovering a skeleton key that opens your house, office, and safe – all in one sweep.

While credential stuffing is by no means new, several trends have exacerbated the problem.

Here’s the scale at which credential stuffing attacks can be conducted:In 2022, PayPal reported that nearly 35,000 customer accounts were compromised via credential stuffing.

How to protect your organizationThese days, credential stuffing is also a primary vector for account takeover, fraud, and large-scale data theft across industries, including retail, finance, SaaS, and health care.

Importantly, many organizations are embracing passwordless authenti…

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this yearAs we close out 2025, it's time for ESET Chief Security Evangelist Tony Anscombe to review some of the main cybersecurity stories from both the final month of the year and 2025 as a whole.

While staggering, this figure is still just the tip of the iceberg.

The Texas Attorney General is suing five major TV manufacturers, alleging that they illegally collected their users' data by secretly capturing what the viewers watch.

Indeed, Tony goes on to take a look back at some of the most notable cyber-incidents for the entire year, highlighting some of the most pe…

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution.

“Because we are primarily a Linux company now, only about 12 Windows servers looked to be compromised and on those servers, our virus scanners blocked most efforts.

(Two other SmarterMail vulnerabilities were added to the same catalog in late January, but those are not known to be leveraged in ransomware attacks.)

The group uses the Warlock ransomware and double extortion tactics.

For example, the Warlock Group frequently targets CVE’s in SharePoint and Veeam and has now targeted SmarterMail.

The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday.

EPMM is used to manage mobile devices, apps, and content, including their security,” Rutte stated in a letter to the Parliament.

“Based on the information currently available, I can report that at least the AP and the Rvdr have been affected.

Previously exploited Ivanti EPMM zero-days“The Commission takes seriously the security and resilience of its internal systems and data and will continue to monitor the situation.

In May 2025, CERT-EU reported two Ivanti EPMM zero-days that were exploite…

The European Commission believes Meta breached EU competition rules by blocking other AI assistants from accessing and interacting with users on WhatsApp.

The case centers on a change Meta announced on 15 October 2025 to the WhatsApp Business Solution Terms.

The update effectively blocked third-party, general-purpose AI assistants from operating on WhatsApp.

Since 15 January 2026, Meta AI has been the only AI assistant available on the app.

“AI is bringing incredible innovations to consumers, and one of these is the emerging market of AI assistants.

BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible.

About CVE-2026-1731BeyondTrust Privileged Remote Access is a remote help/remote access tool for IT and support teams to troubleshoot and fix problems on enterprise endpoints.

BeyondTrust Privileged Remote Access (PRA) is a product designed to provide privileged users (IT admins, third-party vendors, etc.)

CVE-2026-1731 affects Remote Support versions 25.3.1 and prior and Privileged Remote Access versions 24.3.4 and prior.

BeyondTrust has applied the patch for its Rem…

Development activity on the Linux kernel continues into early 2026 with the stable release of version 6.19.

The kernel release announcement lists hundreds of individual patches from contributors, each addressing specific components of the kernel.

After a stable release, a new major version number is assigned when the merge window opens and development accelerates toward the next stable release.

Stable Linux kernel releases are of interest to system integrators, distribution maintainers, and administrators who track upstream changes.

With Linux kernel 6.19 now in the mainline tree, developers and downstream consumers of the kernel can begin incorporating this version into their build workflo…

OpenAI has updated its Europe-facing privacy policy following the November 2024 EU revision, clarifying scope, expanding coverage, and detailing user controls.

The updated document is longer, with dedicated sections for data controls and practical resources.

“This Privacy Policy describes our practices with respect to personal data that we collect from or about you, and how we use it when you use our website, applications, and services,” the company said.

The document explains data retention practices, describing how long different categories of personal data may be kept and the factors that influence retention periods.

Data controller information has been reorganized into a dedicated secti…

The European Commission has issued preliminary findings that say TikTok breaches the Digital Services Act due to its addictive design.

The probe examined whether the platform meets its obligations as a very large online platform under the Digital Services Act.

According to the Commission, “TikTok did not properly assess risks linked to certain design features.

The European Board for Digital Services will be consulted during the next phase.

The Digital Services Act makes platforms responsible for the effects they can have on their users.

That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis.

How do you reconcile the need for cybersecurity modernization with aircraft, operational, and safety systems that were never designed for frequent change?

Many aircraft and operational systems were designed for stability, determinism, and certification, not rapid iteration.

We work alongside operations, safety, legal, communications, and executive leadership to ensure decisions are balanced and informed.

In aviation, safety and engineering communities are deeply evidence-driven and rightly cautious.

Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response.

Once alerts enter the platform, it uses a workflow engine and AI agents to enrich, triage, and act on the data.

AI agents and threat responseAllama includes AI-powered agents that process threat data and make decisions about actions to take.

Security teams can execute isolated scripts in constrained environments, with audit logging and role-based access controls configured through the platform.

Must read:Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools.

Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility.

Securing these agents requires the same rigor and traceability applied to human users, according to Cloud Security Alliance’s Securing Autonomous AI Agents report.

Agents scale faster than governance frameworksAutonomous AI agents act on behalf of humans, accessing data and making decisions with business impact.

Security, IT, DevOps, IAM, GRC, and emerging AI security teams often share accountability, creating gaps in oversight and inconsistent policy enforcement.

This reflects uncertainty over whether AI agents should be treated as machine identities, human …

Open-source AI pentesting tools are getting uncomfortably goodAI has come a long way in the pentesting world.

I dug into three of them, BugTrace-AI, Shannon, and CAI, the Cybersecurity AI framework, and put them up against real-world targets in a lab environment.

Microsoft brings project-focused AI agents into OneDriveTeams often rely on shared document collections to track project history, decisions, and operational knowledge.

OpenAI Frontier organizes AI agents under one systemOpenAI introduced Frontier, a platform designed to organize AI agents that perform business tasks within internal systems and workflows.

This integration creates a shared knowledge layer that allows AI agents to und…

German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, and investigative journalists across Germany and Europe via Signal.

The two approachesThe attackers are approaching targets directly inside the messaging app and guiding them into handing over access to their accounts.

In the first, the attacker poses as official Signal support (“Signal Support” or “Signal Security ChatBot”) and messages the target:The phishing message (Source: German Federal Office for Information Security)The message usually claims there is a security problem and that urgent action is needed.

German au…

“In every case, the VPN interface was exposed to the Internet and allowed authentication to accounts defined in the configuration without multi‑factor authentication.”Renewable energy facilities lost visibility at substationsIn the renewable energy sector, attackers targeted at least 30 wind and photovoltaic facilities.

After gaining access, the attackers compromised industrial control systems including RTU controllers, protection relays, HMI computers, and serial device servers.

The affected equipment included systems from Hitachi Energy, Mikronika, and Moxa deployed within substation and industrial automation environments supporting renewable energy production and distribution.

Prolonged …

By “edge devices”, CISA means load balancers, firewalls, routers, switches, wireless access points, network security appliances, IoT edge devices, software defined networks and other physical or virtual networking devices responsible for routing network traffic and providing privileged access.

Within three months: Agencies must take stock of all edge devices on what CISA calls its “end-of-service” list.

By 18 months: All identified end-of-support edge devices must be fully removed nationwide.

The agency plans to provide a list of edge devices that are already EOS or soon-to-be EOS, and other technical support as needed.

“CISA is aware of widespread exploitation campaigns by advanced threat …

For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited Vulnerabilities catalog, and this one is being exploited in ransomware attacks.

A glut of SmarterMail vulnerabilitiesOn January 26, the US cybersecurity agency listed CVE-2025-52691 (a unrestricted upload of file with dangerous type vulnerability) and CVE-2026-23760 (an authentication bypass flaw) affecting SmarterMail in the KEV catalog.

It affects SmarterMail versions before v100.0.9511, allowing unauthenticated attackers to achieve remote code execution by sending a specially crafted POST request that will be executed by th…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

I Am in the Epstein FilesOnce.

Someone named “Vincenzo lozzo” wrote to Epstein in email, in 2016: “I wouldn’t pay too much attention to this, Schneier has a long tradition of dramatizing and misunderstanding things.” The topic of the email is DDoS attacks, and it is unclear what I am dramatizing and misunderstanding.

Rabbi Schneier is also mentioned, also incidentally, also once.

As far as either of us know, we are not related.

Posted on February 6, 2026 at 3:43 PM • 0 Comments

It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device.

The document is written by the government, and is opposing the return of Natanson’s devices.

The FBI raided Natanson’s home as part of its investigation into government contractor Aurelio Perez-Lugones, who is charged with, among other things, retention of national defense information.

The government believes Perez-Lugones was a source of Natanson’s, and provided her with various pieces of classified information.

While executing a search warrant for his mobile phone, investigators reviewed Signal messages between …

Backdoor in Notepad++Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users.

Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2.

Even then, the attackers maintained credentials to the internal services until December 2, a capability that allowed them to continue redirecting selected update traffic to malicious servers.

Make sure you’re running at least version 8.9.1.

Posted on February 5, 2026 at 7:00 AM • 0 Comments

US Declassifies Information on JUMPSEAT Spy SatellitesThe US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006.

I’m actually impressed to see a declassification only two decades after decommission.

Posted on February 4, 2026 at 7:02 AM • 0 Comments

Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year.

It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience.

While that means someone can access their data if they forget their password, or if repeated failed attempts to login lock the device, it also makes them vulnerable to law enforcement subpoenas and warrants.

AI Coding Assistants Secretly Copying All Code to ChinaThere’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China.

Maybe avoid using them.

Posted on February 2, 2026 at 7:05 AM • 0 Comments

A new species of squid.

pretends to be a plant:Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods.

They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain in the Pacific Ocean targeted for deep-sea mining.

The team described the encounter in a study published Nov. 25 in the journal Ecology, writing that the animal appears to be an undescribed species of whiplash squid.

It was very novel and very puzzling.”

From an Anthropic blog post:In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations.

This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generations.

Sonnet 4.5 ac…

The US Supreme Court is considering the constitutionality of geofence warrants.

Police probing the crime found security camera footage showing a man on a cell phone near the credit union that was robbed and asked Google to produce anonymized location data near the robbery site so they could determine who committed the crime.

They did so, providing police with subscriber data for three people, one of whom was Chatrie.

Police then searched Chatrie’s home and allegedly surfaced a gun, almost $100,000 in cash and incriminating notes.

Chatrie’s appeal challenges the constitutionality of geofence warrants, arguing that they violate individuals’ Fourth Amendment rights protecting against unreasona…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Really interesting blog post from Anthropic:In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations.

This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generation…

Prompt injection is a method of tricking LLMs into doing things they are normally prevented from doing.

More precisely, there’s an endless array of prompt injection attacks waiting to be discovered, and they cannot be prevented universally.

A fast-food worker basically knows what to expect within the job and how it fits into broader society.

Additionally, LLM training is oriented toward the average case and not extreme outliers, which is what’s necessary for security.

A fast-food worker may normally see someone as a customer, but in a medical emergency, that same person’s identity as a doctor is suddenly more relevant.

A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion.

Some victims reportedly are paying — perhaps as much to contain the stolen data as to stop the escalating personal attacks.

That’s according to Allison Nixon, director of research at the New York City based security consultancy Unit 221.

Nixon said Com-based extortion groups tend to instigate feuds and drama between group members, leading to lying, betrayals, credibility destroyin…

The FBI said Badbox 2.0 was discovered after the original Badbox campaign was disrupted in 2024.

KrebsOnSecurity was initially skeptical of the claim that the Kimwolf botmasters had hacked the Badbox 2.0 botnet.

]net, a domain that was flagged in a March 2025 report by HUMAN Security as one of several dozen sites tied to the distribution and management of the Badbox 2.0 botnet.

However, the source of that Badbox 2.0 screenshot said the Kimwolf botmasters had an ace up their sleeve the whole time: Secret access to the Badbox 2.0 botnet control panel.

The source said it isn’t clear how Dort gained access to the Badbox botnet panel.

Kimwolf grew rapidly in the waning months of 2025 by tricking various “residential proxy” services into relaying malicious commands to devices on the local networks of those proxy endpoints.

Kimwolf mainly targeted proxies from IPIDEA, a Chinese service that has millions of proxy endpoints for rent on any given week.

The Kimwolf operators discovered they could forward malicious commands to the internal networks of IPIDEA proxy endpoints, and then programmatically scan for and infect other vulnerable devices on each endpoint’s local network.

Kimwolf’s close association with residential proxy networks and compromised Android TV boxes might suggest we’d find relatively few infections on corpor…

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software.

“Today’s Windows patches remove agrsm64.sys and agrsm.sys.

This security feature is designed to protect against threats like rootkits and bootkits, and it relies on a set of certificates that are set to expire in June 2026 and October 2026.

Once these 2011 certificates expire, Windows devices that do not have the new 2023 certificates can no longer receive Secure Boot security fixes.

Windows admins should keep an eye on askwoody.com for any news about patches that don’t quite play nice with everything.

XLab said it suspected since October that Kimwolf and Aisuru had the same author(s) and operators, based in part on shared code changes over time.

In late October 2025, Brundage shared that the people selling various proxy services which benefitted from the Aisuru and Kimwolf botnets were doing so at a new Discord server called resi[.]to.

]to Discord channel would periodically post new IP addresses that were responsible for proxying traffic over the Kimwolf botnet.

All told, Synthient said it tracked at least seven static Resi Rack IP addresses connected to Kimwolf proxy infrastructure between October and December 2025.

]to Discord server vanished, Synthient’s website was hit with a DDoS at…

The most typical of these uninvited guests are small programs that turn the device into a residential proxy node that is resold to others.

Brundage says Kimwolf grew rapidly by abusing a glaring vulnerability in many of the world’s largest residential proxy services.

Kilmer said one model of unsanctioned Android TV boxes that is especially popular — the Superbox, which we profiled in November’s Is Your Android TV Streaming Box Part of a Botnet?

At that point, your home’s public IP address will show up for rent at the website of some residential proxy provider.

Brundage also has compiled a list of the unofficial Android TV boxes that are most highly represented in the Kimwolf botnet.

Your engagement this past year here has been tremendous and truly a salve on a handful of dark days.

The arrests came shortly after the FBI and the Dutch police seized dozens of servers and domains for the group.

In June, KrebsOnSecurity.com was hit by the largest DDoS attack that Google had ever mitigated at the time (we are a grateful guest of Google’s excellent Project Shield offering).

Another Aisuru attack on Cloudflare just days later practically doubled the size of the June attack against this website.

If you like the content we publish at KrebsOnSecurity.com, please consider making an exception for our domain in your ad blocker.

Democratic lawmakers have urged the SEC to investigate what they call “concerning ties to President Trump and his family” as potential conflicts of interest and foreign influence.

In October, President Trump pardoned Changpeng Zhao, the founder of the world’s largest cryptocurrency exchange Binance.

President Trump this term has fired most of the people involved in processing Freedom of Information Act (FOIA) requests for government agencies.

CONSUMER PROTECTION, PRIVACYAt the beginning of this year, President Trump ordered staffers at the Consumer Financial Protection Bureau (CFPB) to stop most work.

Nevertheless, it emerged in June that the Trump administration has built a central databas…

A decade ago, ending up at one of these parked domains came with a relatively small chance of being redirected to a malicious destination: In 2014, researchers found (PDF) that parked domains redirected users to malicious sites less than five percent of the time — regardless of whether the visitor clicked on any links at the parked page.

Infoblox found parked websites are benign if the visitor arrives at the site using a virtual private network (VPN), or else via a non-residential Internet address.

A defanged list of these typosquatting domains is available here (the dots in the listed domains have been replaced with commas).

“It was often a chain of redirects — one or two domains outside p…

Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software.

This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities.

Despite releasing a lower-than-normal number of security updates these past few months, Microsoft patched a whopping 1,129 vulnerabilities in 2025, an 11.9% increase from 2024.

The zero-day flaw patched today is CVE-2025-62221, a privilege escalation vulnerability affecting Windows 10 and later editions.

For anyone seeking a more granular breakdown of the security updates Microsoft pushed today, check out the roundup at the SANS In…

A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for Russia’s war against Ukraine.

UK companies belonging to the group that have been shut down by Google Ads since Jan 2025 include:–Proglobal Solutions LTD (advertised nerdifyit[.

Currently active Google Ads accounts for the Nerdify brands include:-OK Marketing LTD (advertising geekly-hub[.

For a number of years, Lobov and Perkon co-produced a cross-cultural event in the U.K. called Russian Film Week.

While Synergy University promotes itself as Russia’s largest private educational institutio…

The phishing domains are being promoted by scam messages sent via Apple’s iMessage service or the functionally equivalent RCS messaging service built into Google phones.

The website scanning service urlscan.io shows thousands of these phishing domains have been deployed in just the past few days alone.

Pivoting off these T-Mobile phishing domains in urlscan.io reveals a similar scam targeting AT&T customers:Ford Merrill works in security research at SecAlliance, a CSIS Security Group company.

CAVEAT EMPTORMany SMS phishing or “smishing” domains are quickly flagged by browser makers as malicious.

“The fake e-commerce sites are tough because a lot of them can fly under the radar,” Merrill sai…

A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations.

Scattered LAPSUS$ Hunters (SLSH) is thought to be an amalgamation of three hacking groups — Scattered Spider, LAPSUS$ and ShinyHunters.

But last week, SLSH announced on its Telegram channel the release of their own ransomware-as-a-service operation called ShinySp1d3r.

The individual responsible for releasing the ShinySp1d3r ransomware offering is a core SLSH member who goes by the handle “Rey” and who is currently one of just three administrators of the SLSH Telegram channel.

Incredibly, Rey w…

UNBOXINGCensys’s Ashley said the phone home to China’s Tencent QQ instant messaging service was the first red flag with the Superbox devices she examined.

In July 2025, Google filed a “John Doe” lawsuit (PDF) against 25 unidentified defendants dubbed the “BadBox 2.0 Enterprise,” which Google described as a botnet of over ten million Android streaming devices that engaged in advertising fraud.

Several of the Android streaming devices flagged in Google’s lawsuit are still for sale on top U.S. retail sites.

Kilmer said Badbox 2.0 was used as a distribution platform for IPidea, a China-based entity that is now the world’s largest residential proxy network.

-Generic TV streaming devices advertis…

Sixteen months later, however, Mozilla is still promoting Onerep.

This week, Mozilla announced its partnership with Onerep will officially end next month.

In a statement published Tuesday, Mozilla said it will soon discontinue Monitor Plus, which offered data broker site scans and automated personal data removal from Onerep.

Mozilla said current Monitor Plus subscribers will retain full access through the wind-down period, which ends on Dec. 17, 2025.

Shelest released a lengthy statement wherein he acknowledged maintaining an ownership stake in Nuwber, a data broker he founded in 2015 — around the same time he launched Onerep.

What followed was a textbook example of how modern romance scams can operate.

But rather than hiding in the darkness like some shadowy criminal, Dr. Abhulimhen presented himself as a globe-trotting philanthropist and businessman, rubbing shoulders with powerful Nigerian officials and international figures.

The FBI's Internet Crime Complaint Center consistently ranks romance scams amongst the costliest forms of cybercrime, whilst UK victims lost over £92 million to romance fraud in 2023 alone.

Whether Ikeji or Dr. Abhulimhen will face justice remains unclear.

But at least one fake prince has discovered that his Nigerian mansion offers rather less sanctuary than he had hoped.

24-year-old Rui-Siang Lin operated Incognito Market under the alias "Pharaoh" from October 2020 until March 2024, facilitating over $105 million in illegal drug sales to more than 400,000 customers across the globe.

Things turned deadly in January 2022 when Lin allowed the sale of opiates on Incognito Market.

In March 2024, Lin abruptly shut down Incognito Market without warning, stealing at least US $1 million in user deposits.

In May 2024, Lin was arrested when he flew into New York's JFK Airport en route to Singapore, and subsequently pleaded guilty to drugs-related charges and money laundering.

US District Judge Colleen McMahon has now given Lin a 30-year prison sentence, describing Inc…

Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about – especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting.

All this, and much more, in episode 453 of Smashing Security with cybersecurity veteran Graham Cluley and special guest Tricia Howard.

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.

The FBI has seized control of RAMP, a notorious cybercrime online forum that bragged to be "the only place ransomware allowed."

The seizure banner comes complete with a cheeky addition - a winking Masha from the popular Russian children's TV cartoon series "Masha and the Bear."

Many infamous ransomware groups, such as ALPHV/BlackCat, Qilin, DragonForce, and RansomHub would use the RAMP platform to promote their operations.

Following the seizure of RAMP, another of the forum's alleged operators, confirmed the takedown in a posting on another hacking forum.

As Flare reports, "Stallman" has indicated that the cybercriminal activity conducted through RAMP would continue through other channels.

Imagine the scene. It's a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and ... nothing happens. You try again. Still nothing. The alarm starts blaring. You can't turn it off. Read more in my article on the Fortra blog.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Joe Tidy.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

Police in Hungary and Romania have arrested four young men suspected of making hoax bomb threats and terrorising internet users through SWATting and doxing attacks.

SWATting is a particularly underhand way of making someone else's day a misery – without having to leave your home.

Secondly, the phone numbers were spoofed when making threatening calls to police, effectively directing emergency services to their door.

Hungarian police are keen to underline that SWATting and doxing are serious criminal offences that endanger lives, and are not harmless pranks.

"The police emphasise that swatting and doxing are serious crimes that endanger the lives of others and are not a joke," reads the press…

Security researchers have uncovered at least 16 malicious Chrome extensions masquerading as handy ChatGPT productivity tools.

Instead, they hook into the Chrome browser, and intercept outgoing data that contains users' authentication details.

My advice is to check if you have installed any ChatGPT-related browser extensions recently, and remove any that you have concerns over.

The security researchers who uncovered the malware campaign have listed the names of the extensions that have been identified so far (although, of course, it is possible that more have been used - or could still be):ChatGPT folder, voice download, prompt manager - ChatGPT ModsChatGPT voice download, TTS download - Cha…

In episode 85 of The AI Fix, Graham discovers that Silicon Valley has the solution to your pet’s mental health crisis, and Mark explains why AI godfather Yann LeCun thinks the entire AI industry is wrong about LLMs.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

You can also help the podcast by telling your friends and colleagues about “The AI Fix”, and leaving us a review on Apple Podcasts or Podchaser.

If you would like to further support the podcast, and gain access to ad-free episodes, become a supporter by joining The AI Fix Plus!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive c…

It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse.

In light of the latest data breach to impact ESA, the December 2025 incident doesn't look too bad.

Furthermore, this latest breach reportedly involves data that might be more concerning - such as operational procedures, spacecraft and mission details, subsystems documentation, and proprietary contractor data from ESA partners including SpaceX, Airbus Group, and Thales Alenia Space.

As a consequence of this latest incident, ESA has now confirmed that a criminal investigation is underway.

Some have suggested that poor cybersecuri…

All this, and much more, in this episode of the “Smashing Security” podcast with Graham Cluley, and special guest Ray [REDACTED]Host:Graham Cluley:@grahamcluley.com @ *protected email* / grahamcluleyGuest:Ray Redacted:@rayredacted.comEpisode links:Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Blu…

The UK's National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations.

The denial-of-service attacks are typically not highly sophisticated, but can still successfully cause disruption to IT systems, and cost organisations a significant amount of time and money as they attempt to respond or recover.

The most obviously visible symptom of a basic denial-of-service attack can be that a website is no longer accessible, as hackers flood it with unwanted traffic, making it impossible for legitimate users to reach the resource.

As …

Oh, and AI has managed to crack some famously unsolved maths problems in minutes, and Grok gains access to all of the Pentagon’s networks?

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

You can also help the podcast by telling your friends and colleagues about “The AI Fix”, and leaving us a review on Apple Podcasts or Podchaser.

If you would like to further support the podcast, and gain access to ad-free episodes, become a supporter by joining The AI Fix Plus!

Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.

We can no longer say that artificial intelligence is a "future risk", lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That's not just my opinion, that's also the message that comes loud and clear from the World Economic Forum's newly-published "Global Cybersecurity Outlook 2026." Read more in my article on the Fortra blog.

All this, and much more, in episode 450 of the “Smashing Security” podcast with Graham Cluley, and special guest Monica Verma.

Smashing Security #450:From Instagram panic to Grok gone wild [Your browser does not support the audio element]Host:Graham Cluley:@grahamcluley.com @ *protected email* / grahamcluleyGuest:Monica Verma:/ monicavermaEpisode links:Sponsored by:Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money.

Smashing Security listeners get $1000 off!

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or v…

За последние два месяца были обнаружены сразу три уязвимости, эксплуатация которых позволяет обходить аутентификацию в продуктах Fortinet с использованием механизма FortiCloud SSO.

Эти уязвимости позволяют злоумышленникам с учетной записью FortiCloud логиниться в чужие аккаунты FortiOS, FortiManager, FortiAnalyzer, FortiProxy и FortiWeb, если на устройстве включена функция SSO.

Правила уже доступны клиентам для скачивания в репозитории KUMA; название пакета: [OOTB] FortiCloud SSO abuse package – ENG.

По мере появления новых отчетов об атаках мы планируем дополнять новой информацией правила с пометкой IOC.

Дополнительные рекомендацииМы также рекомендуем использовать правила из пакета FortiCl…

В наши дни технологии создания поддельных видео- и голосовых сообщений стали доступны каждому, и мошенники активно осваивают технологии дипфейков.

Ранее мы уже рассказывали, как отличить настоящее фото или видео от фейка и отследить его происхождение до момента съемки или генерации.

Теперь давайте разберем, как злоумышленники создают и используют дипфейки в реальном времени, как распознать подделку без сложной экспертизы и защитить себя и близких от «атаки клонов».

Как делают дипфейкиИсходный материал для дипфейков мошенники собирают из открытых источников — вебинаров, публичных видео в соцсетях и каналах, онлайн-выступлений.

«Мама, нужны деньги прямо сейчас, я попал в аварию»; «Нет времени…

У разных вендоров наполнение такой базы может сильно отличаться как по объему, так и по качеству.

Динамическая атрибуция — выявление TTP методом динамического анализа конкретных файлов c последующим сопоставлением множества обнаруженных TTP с TTP известных группировок.

Динамическая атрибуцияВыявление TTP в процессе динамического анализа проще в реализации, такая функциональность уже давно является неотъемлемой функциональностью всех современных «песочниц».

Тот, кто касается хобота, считает, что это удав, тот кто трогает туловище, уверен, что это стена, и так далее.

Результат атрибуции проверяется на ложноположительные связи с базой в миллиард легитимных файлов; при совпадении с любым из них…

Надеяться исключительно на средства защиты учетных записей и парольные политики — не вариант.

И в очередном обновлении мы продолжили развитие системы в том же направлении, добавив использование ИИ-подходов.

Сейчас же в новой версии SIEM c новым коррелятором появилась возможность реализовать детектирование угона учетной записи при помощи одного специализированного правила.

Поэтому в версии 4.2 мы сделали еще один шаг в сторону практичности и адаптивности платформы.

Новый коррелятор и, как следствие, повышение устойчивости платформыВ релизе 4.2 мы представили бета-версию нового корреляционного движка (2.0).

В этом месте обеспокоенные технологиями родители уже могут вспомнить о нашумевшем случае с ChatGPT, когда ИИ от OpenAI довел подростка до самоубийства.

Как исследователи тестировали ИИ-игрушкиИсследование, результаты которого мы разберем ниже, подробно рассказывает о рисках для детской психики, связанных с «дружбой» с умной игрушкой.

Miko 3, как и Grok, всегда слушает происходящее вокруг и активируется при обращении — примерно так же, как это работает у голосовых ассистентов.

Исследователи также отмечают, что ИИ-медведь не побуждал «ребенка» делиться личными переживаниями, не обещал хранить секреты и не создавал иллюзию приватного общения.

С другой стороны, производители этой игрушки не даю…

Удобную методичку по этому вопросу выпустил некоммерческий проект OWASP, разрабатывающий рекомендации по безопасной разработке и внедрению ПО.

Злоумышленники используют методы промпт-инъекций или поддельные данные, чтобы перенастроить агента на выполнение вредоносных действий.

Злоумышленник отправляет промпт, который под предлогом тестирования кода заставляет агента с возможностью «вайб-кодинга» загрузить команду с помощью curl и передать ее на вход bash.

Такой «отравленный» контекст искажает дальнейшие рассуждения агента и выбор инструментов.

Используйте внешние шлюзы безопасности (intent gates) для проверки планов и аргументов агента на соответствие жестким правилам безопасности перед их …

На самом деле происходит не установка из магазина приложений, а загрузка приложения в пакете APK.

В России проблема «левых» загрузок усложняется тем, что многие повседневные приложения, в первую очередь банковские, более недоступны в Google Play.

«Прямой NFC» — мошенник связывается с жертвой в мессенджере и уговаривает скачать приложения якобы для подтверждения личности в банке.

Права, которые и в самом деле нужны приложению такого класса, прекрасно подходят для перехвата данных и махинаций с посещаемыми веб-сайтами.

), перенаправлять пользователя на сайты с рекламой и запускать прямо на телефоне прокси, чтобы злоумышленники могли попадать на любые сайты от лица жертвы.

Это связано с тем, что знания ИИ не хранятся в виде отдельных фрагментов, которые можно легко удалить.

Как и на каких моделях проводилось исследование?

При этом в промптах изменялась исключительно стилистика подачи: никаких дополнительных техник атаки, стратегий обфускации или адаптаций под конкретные модели в эксперименте не использовалось.

Исследователи протестировали 1200 промптов на 25 разных моделях — как в прозаическом, так и в поэтическом варианте.

Если следовать этому методу оценки, то поэзия увеличивает вероятность ответа на небезопасный промпт в среднем на 35%.

Чтобы сопрячь со смартфоном новую гарнитуру, поддерживающую эту технологию, достаточно включить ее и поднести к смартфону.

Вредоносное устройство — обычный смартфон или ноутбук атакующего — транслирует запросы Google Fast Pair и пытается соединиться с BT-устройствами в радиусе 14 метров.

Эта функция, Google Find Hub, аналогична FindMy от Apple, и создает такие же риски несанкционированной слежки, как и вредоносные AirTag.

Тем, кто пользуется Android-смартфонами и сопрягал с ними свою уязвимую гарнитуру с помощью Fast Pair, этот вариант атаки не грозит, ведь они сами записаны как владельцы устройства.

Вероятнее всего, обновленные смартфоны больше не транслируют положение аксессуаров, угнанны…

Хотя первопричина ошибки проста и понятна, ее устранение потребует обширных и систематизированных усилий, причем как от государств и международных структур, так и от конкретных организаций и частных лиц.

В ряде случаев, впрочем, возможно более короткое «путешествие во времени» — в точку 0, то есть в 1970 год.

Злонамеренная эксплуатация Y2K38Командам ИТ и ИБ стоит относиться к Y2K38 не как к простой программной ошибке, а как к уязвимости, которая может приводить к различным сбоям, включая отказ в обслуживании.

В базах данных тоже мозаика: тип TIMESTAMP в MySQL фундаментально ограничен 2038 годом и требует миграции на DATETIME, в то время как стандартные типы timestamp в PostgreSQL безопасны.…

И самое «веселое» тут то, что отвечать приходится не только за свой периметр, но и, фигурально выражаясь, «за того парня».

И в отчете четко написано, кто не только обещает, но и реально делает.

Не редкость, но и не массовая фича — только семь производителей кроме нас ее поддерживают.

И что это пустая трата денег, и что это никому не нужно.

Мы задали этот тренд, мы его возглавили, и мы будем его тащить дальше.

Но куда большую тревогу вызывает характер контента в этих базах.

Сайт компании, помимо прочего, дает возможность использовать инструменты для генерации изображений и контента с помощью ИИ.

Эти инструменты позволяли пользователям генерировать картинки по текстовому описанию, редактировать загруженные фотографии и выполнять различные визуальные манипуляции, включая создание откровенного контента и подстановку лиц.

Именно с этими инструментами была связана утечка, а база данных содержала результаты их работы, включая сгенерированные и отредактированные с помощью ИИ изображения.

Часть изображений заставила исследователя предположить, что они были загружены в ИИ в качестве референсов для создани…

Благодаря удобству технологии NFC и оплаты смартфоном, в наши дни многие вообще перестали носить кошелек и не могут вспомнить ПИН-код от банковской карты.

Что такое ретрансляция NFC и NFCGateРетрансляция NFC — это техника, при которой данные, бесконтактно передаваемые между источником (например, банковской картой) и приемником (например, платежным терминалом), перехватываются на одном промежуточном устройстве и в реальном времени передаются на другое.

Оно предназначалось для анализа и отладки NFC-трафика, а также для обучения и экспериментов с бесконтактными технологиями.

В мае 2025 года попытки применения SuperCard X были зафиксированы и в России, а в августе — в Бразилии.

Впоследствии вре…

За словами «заманивают» и «предлагают» скрывается широкий спектр тактик: почтовые рассылки, сообщения в мессенджерах и посты в соцсетях, напоминающие официальную рекламу, сайты-двойники, продвигаемые в поисковых системах инструментами SEO и даже платной рекламой.

Особенно остро эта проблема стоит для IT-компаний, продающих онлайн-сервисы, но актуальна и для розничных брендов.

Особенно остро эта проблема стоит для IT-компаний, продающих онлайн-сервисы, но актуальна и для розничных брендов.

Из перечисленных нами косвенных потерь покрытие стандартной страховкой может компенсировать расходы на DFIR и в ряде случаев на клиентскую поддержку (если ситуация признана страховым случаем).

Как защитить…

This is the reality for the Cisco Event SOC team at major conferences like RSAC™ Conference, Black Hat, and Cisco Live.

We are thrilled to announce the launch of our new Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.

What You Will Find on the WebsiteVisiting the new Cisco Event SOCs hub gives you a front-row seat to our operations.

The Guide: A Blueprint for ResilienceThe centerpiece of this launch is the Cisco Event SOCs: A Reference Architecture & Operations Guide.

Visit the website today to explore the architecture and download the full Cisco Event SOCs: A Reference Architecture & Operations Guide.

Imagine a future where today’s most secure data, from financial records to national secrets, could be instantly deciphered.

Powerful quantum computers known as cryptographically relevant quantum computers (CRQC) will compromise public-key cryptography, putting encrypted data and secure communications at risk.

The Hidden Risk: Trust CollapseBeyond data confidentiality lies a more systemic and immediate quantum risk: foundational trust breakdown.

While securing network traffic is paramount, a truly quantum-safe posture requires more than protecting data in transit.

In our next blog, we’ll dive deeper into each pillar, starting with Secure Communications and turning to Secure Products.

The UK’s Cyber Security & Resilience Bill and Government Cyber Action Plan mark a pivotal moment in our collective approach to digital resilience.

At Cisco, we’re honored to serve as an ambassador for their Software Security Code of Practice, a voluntary initiative that addresses one of the most pressing challenges facing both public and private sectors: securing the software supply chain.

Strengthening Resilient InfrastructureOur ambassador role is a natural extension of our commitment to secure software development and resilient infrastructure.

We can no longer afford to treat software security as an afterthought or a competitive differentiator.

The Software Security Code of Practice prov…

The Cisco Foundation AI team introduces a novel approach to information retrieval designed to tackle the shortcomings of current search.

At its core, our framework empowers compact models (from 350M – 1.2B parameters) to:Learn diverse search strategies: Through a process of observing and learning from various search behaviors, the framework models understand how to approach different types of queries.

Through a process of observing and learning from various search behaviors, the framework models understand how to approach different types of queries.

Refine queries based on feedback: The system learns to adjust its search queries dynamically, incorporating insights from previously retrieved …

Foundation-sec-8B-Reasoning is an 8-billion-parameter reasoning model purpose-built for cybersecurity workflows.

Elevating Security ReasoningEffective cybersecurity analysis requires deep, multi-layered reasoning.

Generic reasoning models can assist, but they may lack the ability to understand the specific logic and structure of security workflows.

The model is built to support security workflows that demand logical reasoning, including tasks like threat modeling, attack path analysis, risk evaluation, and security architecture review.

To explore how Foundation-sec-8b-Reasoning can be applied across real-world security workflows, check out the use case cookbook on our public Github reposito…

That’s why we’re thrilled to announce the release of The PEAK Threat Hunting Assistant, an innovative, open-source tool designed to transform and accelerate the research and planning of hypothesis-driven threat hunts.

The Solution: An Intelligent, Agentic AssistantThe PEAK Threat Hunting Assistant is a game-changer for those struggling to find the time to properly research and plan their hunts.

Empowering Threat Hunters of All LevelsThe PEAK Threat Hunting Assistant is designed for threat hunters at every stage of their career.

Get Started TodayThe PEAK Threat Hunting Assistant leverages agentic AI, empowering threat hunters of all levels to conduct high-quality, human-guided research quick…

Cisco is addressing this challenge by advancing agentic security systems that combine reasoning, adaptive retrieval, and human oversight to support real world security operations at scale.

Through recent innovations from Cisco Foundation AI, including the Foundation-sec-8B-Reasoning model, adaptive retrieval framework for AI search, and the PEAK Threat Hunting Assistant, Cisco is establishing leadership in secure, agentic AI systems designed specifically for cybersecurity use cases.

From Models to Agentic Security SystemsTraditional AI systems primarily operate through single step inference.

Cisco Foundation AI is focused on delivering the core capabilities required for these systems, ensur…

As we navigate an increasingly interconnected world, the conversation around privacy and data governance continues to evolve at a breathtaking pace.

This isn’t just about risk mitigation; it’s about trust, unlocking growth, and showing that privacy is a vital part of data infrastructure that drives innovation.

Looking ahead, an impressive 93% plan to allocate even more resources to privacy and data governance to manage the growing complexity of AI systems and related risks.

The Cisco 2026 Data and Privacy Benchmark Study reveals an enterprise landscape in transition, where privacy, AI, data governance, and cybersecurity are converging under a single principle: trust.

I encourage you to expl…

In response, Cisco is the first hybrid mesh firewall vendor to introduce intent-based policy management across multi-vendor firewalls through Cisco Security Cloud Control with Mesh Policy Engine.

Mesh Policy Engine handles the determination of what device should get what policy, then deploys it.

Cisco Hybrid Mesh Firewall continues to expand what’s possible in firewall policy management, empowering organizations to move faster, stay secure, and maintain clarity in an ever-changing IT landscape.

See how Mesh Policy Engine can help you adopt Cisco Hybrid Mesh Firewall more easily.

Register for a hybrid mesh firewall design clinic.

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk (WHD) instances to get an initial foothold and then laterally moved towards other high-value assets within the organization.

Technical detailsThe Microsoft Defender Research Team identified active, in-the-wild exploitation of exposed SolarWinds Web Help Desk (WHD).

Update WHD CVE-2025-40551, CVE-2025-40536 and CVE-2025-26399, remove public access to admin paths, and increase logging on Ajax Proxy.

Microsoft Defender XDR detectionsMicrosoft Defender provides pre-breach and post-breach coverage for this campaign.

Tactic Observed activity Microsoft Defen…

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk (WHD) instances to get an initial foothold and then laterally moved towards other high-value assets within the organization.

Technical detailsThe Microsoft Defender Research Team identified active, in-the-wild exploitation of exposed SolarWinds Web Help Desk (WHD).

Update WHD CVE-2025-40551, CVE-2025-40536 and CVE-2025-26399, remove public access to admin paths, and increase logging on Ajax Proxy.

Microsoft Defender XDR detectionsMicrosoft Defender provides pre-breach and post-breach coverage for this campaign.

Tactic Observed activity Microsoft Defen…

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign.

This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into executing malicious commands under the pretext of restoring normal functionality.

This script leverages pythonw.exe to execute the malicious Python payload covertly, avoiding visible console windows and reducing user suspicion.

]com/scl/fi/znygol7goezlkhnwazci1/a1.zip URL Adversary hosted python payload 158[.]247[.]252[.

ReferencesThis research is provided by Microsoft Defender Security Research with contributions from Sai Chakri Kandalai and Kaustubh Mangalwedhekar.

That gap is where cyberattackers operate most effectively, and it is the gap that Operation Winter SHIELD is designed to address as a collaborative effort across the public and private sector.

Why Operation Winter SHIELD mattersOperation Winter SHIELD is a nine-week cybersecurity initiative led by the FBI Cyber Division beginning February 2, 2026.

That perspective aligns with what we see through Microsoft Threat Intelligence and Microsoft Incident Response.

Operation Winter SHIELD offers an opportunity to drive systematic improvement to one control area at a time.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

That gap is where cyberattackers operate most effectively, and it is the gap that Operation Winter SHIELD is designed to address as a collaborative effort across the public and private sector.

Why Operation Winter SHIELD mattersOperation Winter SHIELD is a nine-week cybersecurity initiative led by the FBI Cyber Division beginning February 2, 2026.

That perspective aligns with what we see through Microsoft Threat Intelligence and Microsoft Incident Response.

Operation Winter SHIELD offers an opportunity to drive systematic improvement to one control area at a time.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

Our research highlights several key properties of language model backdoors, laying the groundwork for a practical scanner designed to detect backdoored models at scale and improve overall trust in AI systems.

Detecting whether an LLM has been poisoned is inherently challenging because backdoored models behave normally under almost all conditions.

We therefore break the problem into two questions:First, do backdoored models behave in ways that are systematically different from clean models?

We find that trigger tokens tend to “hijack” the attention of backdoored models, creating a distinctive double triangle pattern.

Language models tend to memorize parts of their training data, and backdoor…

Why AI changes the security landscapeAI security versus traditional cybersecurityAI security introduces complexities that go far beyond traditional cybersecurity.

Loss of granularity and governance complexityAI dissolves the discrete trust zones assumed by traditional SDL.

Multidisciplinary collaborationMeeting AI security needs requires a holistic approach across stack layers historically outside SDL scope, including Business Process and Application UX.

What’s new in SDL for AIMicrosoft’s SDL for AI introduces specialized guidance and tooling to address the complexities of AI security.

Microsoft SDL for AI can help you build trustworthy AI systemsEffective SDL for AI is about continuous im…

We provide comprehensive detection coverage through Microsoft Defender XDR and actionable guidance to help organizations detect, mitigate, and respond to these evolving threats.

Due to this, Microsoft Defender Experts observed multiple Python-based infostealer campaigns over the past year.

These recommendations draw from established Defender blog guidance patterns and align with protections offered across Microsoft Defender XDR.

Microsoft Defender XDR detectionsMicrosoft Defender XDR customers can refer to the list of applicable detections below.

]carrd.co URL Used in make network connection and subsequent redirection in (PXA Stealer: Campaign 2) hxxps://erik22jomk77[.

We provide comprehensive detection coverage through Microsoft Defender XDR and actionable guidance to help organizations detect, mitigate, and respond to these evolving threats.

Due to this, Microsoft Defender Experts observed multiple Python-based infostealer campaigns over the past year.

These recommendations draw from established Defender blog guidance patterns and align with protections offered across Microsoft Defender XDR.

Microsoft Defender XDR detectionsMicrosoft Defender XDR customers can refer to the list of applicable detections below.

]carrd.co URL Used in make network connection and subsequent redirection in (PXA Stealer: Campaign 2) hxxps://erik22jomk77[.

Equally important is securing the AI application supply chain, including the frameworks, SDKs, and orchestration layers used to build and operate these systems.

The recent disclosure of CVE-2025-68664, known as LangGrinch, in LangChain Core highlights the importance of securing the AI supply chain.

Microsoft Defender provides visibility into vulnerable AI workloads through its Cloud Security Posture Management (Defender CSPM).

Microsoft Defender is actively working to expand coverage to additional platforms and this blog will be updated when more information is available.

Hunting queriesMicrosoft Defender XDRSecurity teams can use the advanced hunting capabilities in Microsoft Defender XDR …

Equally important is securing the AI application supply chain, including the frameworks, SDKs, and orchestration layers used to build and operate these systems.

The recent disclosure of CVE-2025-68664, known as LangGrinch, in LangChain Core highlights the importance of securing the AI supply chain.

Microsoft Defender provides visibility into vulnerable AI workloads through its Cloud Security Posture Management (DCSPM).

Microsoft Defender is actively working to expand coverage to additional platforms and this blog will be updated when more information is available.

Hunting queriesMicrosoft Defender XDRSecurity teams can use the advanced hunting capabilities in Microsoft Defender XDR to proac…

This post outlines an AI-assisted workflow for detection analysis designed to accelerate detection engineering.

The system accepts multiple content types and processes them through three main stages: TTP extraction, MITRE ATT&CK mapping, and detection coverage analysis.

In federated environments, detections may come from multiple repositories, so this standardization streamlines access during detection mapping.

Because the analysis relies on extracted text and metadata, which may be ambiguous, these mappings do not guarantee detection coverage.

By combining the speed of AI with expert review and validation, organizations can scale detection coverage analysis more effectively, even during pe…

This post outlines an AI-assisted workflow for detection analysis designed to accelerate detection engineering.

The system accepts multiple content types and processes them through three main stages: TTP extraction, MITRE ATT&CK mapping, and detection coverage analysis.

In federated environments, detections may come from multiple repositories, so this standardization streamlines access during detection mapping.

Because the analysis relies on extracted text and metadata, which may be ambiguous, these mappings do not guarantee detection coverage.

By combining the speed of AI with expert review and validation, organizations can scale detection coverage analysis more effectively, even during pe…

In the 2026 Microsoft Data Security Index report, we explored one of the most pressing questions facing today’s organizations: How can we harness the power of AI while safeguarding sensitive data?

This year, the Data Security Index report builds upon the responses of more than 1,700 security leaders to highlight three critical priorities for protecting organizational data and securing AI adoption:Moving from fragmented tools to unified data security.

Managing AI-powered productivity securelyGenerative AI is already influencing data security incident patterns: 32% of surveyed organizations’ data security incidents involve the use of generative AI tools.

Strengthening data security with gener…

That’s why we're committed to providing multi-layered defenses that help protect you before, during, and after a theft attempt.

Today, we're announcing a powerful set of theft protection feature updates that build on our existing protections, designed to give you greater peace of mind by making your device a much harder target for criminals.

These updates are now available for Android devices running Android 16+.

More User Control for Failed Authentications: In Android 15, we launched Failed Authentication Lock, a feature that automatically locks the device's screen after excessive failed authentication attempts.

This feature is now getting a new dedicated enable/disable toggle in settings,…

These initiatives, driven by Ballots SC-080, SC-090, and SC-091, will sunset 11 legacy methods for Domain Control Validation.

What’s Domain Control Validation?

Domain Control Validation is a security-critical process designed to ensure certificates are only issued to the legitimate domain operator.

Sunsetted methods relying on email:Sunsetted methods relying on phone:Sunsetted method relying on a reverse lookup:For everyday users, these changes are invisible - and that’s the point.

These changes push the ecosystem toward standardized (e.g., ACME), modern, and auditable Domain Control Validation methods.

Partnership with ArmOur goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats.

We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices.

This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.

This effort spans across Android and Android OEMs, and required close collaboration with Arm.

The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.

We built on Gemini's existing protections and agent security principles and have implemented several new layers for Chrome.

To further bolster model alignment beyond spotlighting, we’re introducing the User Alignment Critic — a separate model built with Gemini that acts as a high-trust system component.

A flow chart that depicts the User Alignment Critic: a trusted component that vets each action before it reaches the browser.

The User Alignment Critic runs after the planning is complete to double-check each proposed action.

Looking forwardThe upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same ri…

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle.

Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications.

To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps.

The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money.

We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps.

Secure by DesignWe built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products.

Secure Sharing Channel: The communication channel itself is hardened by our use of Rust to develop this feature.

On Android, security is built in at every layer.

On Android, security is built in at every layer.

Secure Sharing Using AirDrop's "Everyone" ModeTo ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode.

Our first rust memory safety vulnerability...almost: We'll analyze a near-miss memory safety bug in unsafe Rust: how it happened, how it was mitigated, and steps we're taking to prevent recurrence.

Our First Rust Memory Safety Vulnerability...AlmostWe recently avoided shipping our very first Rust-based memory safety vulnerability: a linear buffer overflow in CrabbyAVIF.

Unsafe Review and TrainingOperating system development requires unsafe code, typically C, C++, or unsafe Rust (for example, for FFI and interacting with hardware), so simply banning unsafe code is not workable.

Dmytro Hrybenko for leading the effort to develop training for unsafe Rust and for providing extensive feedback on …

Survey shows Android users’ confidence in scam protectionsGoogle and YouGov3 surveyed 5,000 smartphone users across the U.S., India, and Brazil about their experiences.

The findings were clear: Android users reported receiving fewer scam texts and felt more confident that their device was keeping them safe.

Android users were 58% more likely than iOS users to say they had not received any scam texts in the week prior to the survey.

As an extra safeguard, Google Messages also helps block suspicious links in messages that are determined to be spam or scams.

As an extra safeguard, Google Messages also helps block suspicious links in messages that are determined to be spam or scams.

What's worse, many plaintext HTTP connections today are entirely invisible to users, as HTTP sites may immediately redirect to HTTPS sites.

To address this risk, we launched the “Always Use Secure Connections” setting in 2022 as an opt-in option.

We now think the time has come to enable “Always Use Secure Connections” for all users by default.

For more than a decade, Google has published the HTTPS transparency report, which tracks the percentage of navigations in Chrome that use HTTPS.

Since HTTP navigations remain a regular occurrence for most Chrome users, a naive approach to warning on all HTTP navigations would be quite disruptive.

To help accelerate adoption of AI for cybersecurity workflows, we partnered with Airbus at DEF CON 33 to host the GenSec Capture the Flag (CTF), dedicated to human-AI collaboration in cybersecurity.

Our goal was to create a fun, interactive environment, where participants across various skill levels could explore how AI can accelerate their daily cybersecurity workflows.

An overwhelming 85% of all participants found the event useful for learning how AI can be applied to security workflows.

This positive feedback highlights that AI-centric CTFs can play a vital role in speeding up AI education and adoption in the security community.

We are committed to advancing the AI cybersecurity frontier…

This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service .

The block will expire shortly after those requests stop.

In the meantime, solving the above CAPTCHA will let you continue to use our services.This traffic may have been sent by malicious software, a browser plug-in, or a script that sends automated requests.

If you share your network connection, ask your administrator for help — a different computer using the same IP address may be responsible.

Learn more Sometimes you may be asked to solve the CAPTCHA if you are using advanced terms that robots are known to use, or sending requests very qu…

At Made by Google 2025, we announced that the new Google Pixel 10 phones will support C2PA Content Credentials in Pixel Camera and Google Photos.

Pixel Camera attaches Content Credentials to any JPEG photo capture, with the appropriate description as defined by the Content Credentials specification for each capture mode.

attaches Content Credentials to any JPEG photo capture, with the appropriate description as defined by the Content Credentials specification for each capture mode.

Google Photos attaches Content Credentials to JPEG images that already have Content Credentials and are edited using AI or non-AI tools, and also to any images that are edited using AI tools.

Building a More Trus…

Today marks a watershed moment and new benchmark for open-source security and the future of consumer electronics.

Google is proud to announce that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework, has officially achieved SESIP Level 5 certification.

This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar.

With this level of security assurance, Android is now positioned to securely support the next generation of high-criticality isolated workloads.

Achieving Security Evaluation Standard for IoT Platforms (SESIP) Level 5 is a landmark because it incorporates AVA_VAN.5, the hi…

Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts.

Infrastructure definitions to allow organizations to easily run their own instances of OSS Rebuild to rebuild, generate, sign, and distribute provenance.

With an estimated value exceeding $12 trillion, open source software has never been more integral to the global economy.

For publishers and maintainers of open source packages, OSS Rebuild can...

If you're a developer, enterprise, or security researcher interested in OSS security, we invite you to follow along and get involved!

Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures.

This is particularly useful for Advanced Protection users, since in 2023, plaintext HTTP was used as an exploitation vector during the Egyptian election.

JavaScript Optimizations and Security Advanced Protection reduces the attack surface of Chrome by disabling the higher-level optimizing Javascript compilers inside V8.

Javascript optimizers can be disabled outside of Advanced Protection Mode via the “Javascript optimization & security” Site Setting.

We…