Tag: EN

AI chatbot recommendations lure users to cryptojacking malware sites

Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark,…

Read more →

7-Eleven Breach: Hackers Claim 600,000 Records Stolen

7-Eleven says a system intrusion exposed franchise applicant data, with reports linking the breach to ShinyHunters and 185,000 affected people. The post 7-Eleven Breach: Hackers Claim 600,000 Records Stolen appeared first on TechRepublic. This article has been indexed from Security…

Read more →

Hidden 4GB AI Model Found Downloading Through Google Chrome

  In what appeared to be a routine background update within Google Chrome, privacy researchers have raised concerns over a potentially problematic update after reports revealed that the browser may have silently downloaded a nearly 4GB artificial intelligence model onto…

Read more →

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-8398 Daemon Tools Lite Embedded Malicious Code Vulnerability CVE-2026-45321 TanStack Unspecified Vulnerability CVE-2026-48027 Nx Console Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…

Read more →

從 Noob 到 Ambassador 的旅程

在這個 AI 能快速回答問題、產生程式碼,甚至分析漏洞的時代,我常常在思考一個問題:學習資安過程中的卡關、反覆嘗試和失敗意味著什麼? 一直以來我都是個很喜歡學習各種有趣東西的人(即使不見得對我現在有用),我的其中一個學習哲學就是:「學習本身就是目的」。我至今仍然無法忘懷當年為了一個簡單的漏洞,苦思冥想奮戰數天,也曾為了弄復現漏洞,投入很長的時間反覆測試和驗證(我相信這是很多資安人曾經或現在的寫照)。 還記得第一次正式接觸資訊安全,是在我大學時期偶然參加的一次 Wargame,以現在的角度來看,簡單到令人驚訝,我還記得第一關,就是對著網頁 F12(或右鍵查看原始碼),Flag 就在當中。不過對於當初非本科系出身的我,彷彿打開了新世界的大門,上一次接觸到類似的東西大概是國小時期的 VB6。 在那場 Wargame 之後,我開始積極的尋找各種平台練習,不出意外,遇到比想像中更多的難關,當時我不會寫程式、對資訊系統的理解幾乎是從零開始,因此我開始回頭從最基礎的Python / TCP / Linux 指令開始,在那個沒有 LLM 的年代只能依賴實體的書籍、各種線上資源與社群。 在 2018 的某天意外看到 Billy 的一篇關於 OSCP 的文章,開啟了我對這張證照的興趣,接著又在 PTT 上看到有人發文說「想創個 Kali 的社群」,我就私訊了那位發文者 T0ny,他把我邀進去群組後,發現群組成員:只有我、那位發文者 T0ny。 身為一個當時對於資安技術充滿好奇的人,我開始加入很多資安群組,也在 PTT 上發文,宣傳我們的小群組,希望能找到願意一起學習和交流的人(現在想想還真是有點厚臉皮)。 這裡還有個小故事,由於當年我實在厭煩於有些人會跑到資安群組問「能不能幫我入侵 XXX」,我設計了一個表單,裡面都是一些簡單的資安問題,目的是希望避免一樣的情況發生,效果意外的不錯。 總之我徹底踏入滲透測試這個領域,也很幸運地結識了 Billy、Dexter 和其他當年一起奮戰打…

Read more →

Your Car Is Spying on You—and It’s About to Get Worse

  Cars used to be simple machines that carried people from one place to another. Today, they are rolling computers packed with sensors, microphones, cameras, GPS receivers, and internet connections. That shift has turned the modern vehicle into a powerful…

Read more →

Beat AI or Let AI Beat You

AI feels like an enemy. From a certain angle, it is. But mostly it’s just scary, the same way the internet was scary back in the day, and the same way personal computers were scary before that. It helps to…

Read more →

7 Best Vulnerability Scanning Tools & Software in 2026

Compare the top vulnerability scanners in 2026. The post 7 Best Vulnerability Scanning Tools & Software in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: 7 Best Vulnerability Scanning Tools…

Read more →