The Good, the Bad and the Ugly in Cybersecurity – Week 20
SentinelOne · 2026-05-15 · via SentinelOne

The Good | Authorities Dismantle Major Dark Web Marketplaces & Arrest Key Admins

European authorities dismantled a lucrative, rebooted version of the ‘Crimenetwork’ cybercrime marketplace and arrested its primary administrator in Mallorca, Spain. When German police first disrupted the original platform in late 2024 and apprehended its operator, a 35-year-old suspect allegedly constructed an identical infrastructure to resume operations just days after. In the last two years, the resurrected criminal hub has amassed an extensive user base, attracting over 22,000 registered individuals and 100 specialized vendors who actively trafficked in stolen data, illegal services, and narcotics.

Before the shutdown this week, the platform generated an estimated €3.6 million in illicit revenue. The coordinated enforcement action involved authorities seizing the underlying infrastructure alongside approximately €194,000 in criminal assets. The current administrator now faces federal charges under the German Criminal Code and Narcotics Act, marking another step forward in the fight against dark web economies.

In a separate arrest, U.S. and German authorities have jointly detained Owe Martin Andresen (aka Speedstepper), the main operator behind Dream Market – one of the largest dark web marketplaces to date. The 49-year-old allegedly orchestrated a massive global narcotics hub that facilitated the sale of hundreds of kilograms of illicit drugs until its shutdown in 2019. After years of complete anonymity, Andresen recently utilized original private keys to access dormant marketplace wallets containing millions in hidden commission payments.

Federal prosecutors claim he systematically laundered over $2 million by purchasing massive quantities of gold bars through an American cryptocurrency service provider. During a series of coordinated raids, law enforcement recovered approximately $1.7 million in gold bars, $23,000 in cash, and many cryptocurrency wallets, finally bringing the elusive kingpin to face international money laundering charges.

The Bad | Threat Actors Weaponize Artificial Intelligence to Develop Zero-Day Exploits

A new report from Google Threat Intelligence Group (GTIG) reveals a coordinated campaign exploiting a zero-day vulnerability that was found and weaponized with AI. The attack targets an unnamed open-source web administration tool, using the flaw to bypass two-factor authentication (2FA). The researchers say they identified an active threat actor using large language models (LLMs) to discover and weaponize software vulnerabilities in the wild.

As the targeted flaw involves a high-level semantic logic bug stemming from a hard-coded trust assumption, rather than typical memory corruption, it matches the bug classes LLMs excel at identifying. Researchers have assessed with high confidence that the resulting Python exploit script was AI-generated, pointing to an abundance of educational docstrings, its distinctly textbook structure, and telltale hallucinations, including a completely fabricated CVSS score.

LLM vulnerability discovery capabilities compared with other discovery mechanisms (Source: GTIG)

The report notes that state-sponsored syndicates from China and North Korea are showing increasing interest in using LLMs for continuous vulnerability discovery and exploit development. Simultaneously, Russia-linked adversaries actively utilize AI to generate decoy code that heavily obfuscates malware like CANFAIL and LONGSTREAM, alongside deploying advanced voice cloning for more convincing social engineering campaigns.

To demonstrate this evolution, researchers also highlighted an Android backdoor called PromptSpy, which integrates with Gemini APIs to bypass LLM safety features, calculate interface geometry, and autonomously replay device authentication patterns such as lock PINs.

For defenders, the widespread use of AI by threat actors is compressing attack timelines, meaning patch windows that once lasted weeks may now close in hours.

The Ugly | ShinyHunters Exploits Multiple XSS Flaws to Extort Education Technology Giant Canvas

Education technology giant Instructure recently confirmed a two-week-long cybersecurity incident after ShinyHunters breached its popular Canvas learning management system (LMS). The attackers initially infiltrated the network in late April, exfiltrating a staggering 3.6 terabytes of data encompassing an estimated 280 million records across nearly 8,900 global educational institutions.

Days later, the attackers struck again, actively exploiting multiple cross-site scripting (XSS) vulnerabilities within user-generated content features. After hijacking authenticated admin sessions, ShinyHunters deliberately defaced active Canvas login portals during final exam season, displaying disruptive extortion messages and demanding immediate ransom negotiations.

Source: University of Texas at San Antonio

The mass exfiltration exposed critical student and teacher information, including names, email addresses, and private platform messages, though financial data remained secure. To mitigate escalating operational damage, Instructure abruptly suspended its Free-for-Teacher environments while quickly implementing critical safeguards. This week, the company reached an undisclosed agreement with ShinyHunters to halt the public leak, despite repeated warnings from the FBI that paying a ransom does not guarantee protection from double or triple extortion in the future. So far, ShinyHunters has removed Instructure from their dark web leak sites and seemingly confirmed the deletion of all stolen data.

With the repeated breaches drawing intense federal scrutiny, the U.S. House Committee on Homeland Security has launched a formal investigation, questioning Instructure’s incident response capabilities and data protection obligations. Lawmakers are demanding immediate briefings from corporate leadership to thoroughly review the severe educational disruptions and compromised security controls that continue to affect millions of vulnerable students, administrators, and teachers globally.