惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

G
GRAHAM CLULEY
V
V2EX
WordPress大学
WordPress大学
博客园 - Franky
Last Week in AI
Last Week in AI
博客园 - 司徒正美
有赞技术团队
有赞技术团队
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 【当耐特】
V
Visual Studio Blog
C
CERT Recently Published Vulnerability Notes
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Jina AI
Jina AI
Attack and Defense Labs
Attack and Defense Labs
腾讯CDC
The Hacker News
The Hacker News
Hugging Face - Blog
Hugging Face - Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
J
Java Code Geeks
人人都是产品经理
人人都是产品经理
阮一峰的网络日志
阮一峰的网络日志
T
Tailwind CSS Blog
S
SegmentFault 最新的问题
大猫的无限游戏
大猫的无限游戏
小众软件
小众软件
A
Arctic Wolf
量子位
博客园 - 聂微东
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
N
News and Events Feed by Topic
雷峰网
雷峰网
博客园_首页
Google Online Security Blog
Google Online Security Blog
Spread Privacy
Spread Privacy
罗磊的独立博客
H
Hacker News: Front Page
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
月光博客
月光博客
TaoSecurity Blog
TaoSecurity Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 三生石上(FineUI控件)
宝玉的分享
宝玉的分享
IT之家
IT之家
The Cloudflare Blog
爱范儿
爱范儿
博客园 - 叶小钗
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Apple Machine Learning Research
Apple Machine Learning Research
酷 壳 – CoolShell
酷 壳 – CoolShell

The Register - Security: Patches

Cisco SD-WAN make-me-root bug under attack Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9 AI is making Patch Tuesday (kinda) fun again Anthropic to release Mythos-class models to the public Clear your calendar, Drupal user: You have a critically urgent patch to install Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs Critical cPanel, WHM flaw probs exploited as 0-day, pros say Microsoft patch fell short. New Windows flaw exploited More Cisco SD-WAN bugs battered in attacks Critical Fortinet sandbox bugs allow auth bypass and RCE Ancient Excel bug comes out of retirement for active attacks Microsoft's massive Patch Tuesday: It's raining bugs Ransomware scum, other crims exploit 4 old Microsoft bugs Attackers exploited the FortiClient EMS bug as a 0-day Citrix NetScaler bug may be multiple flaws in one Ransomware crims abused Cisco 0-day weeks before disclosure Google rushes Chrome update to fix zero-days under attack CISA warns max-severity n8n bug is being exploited in the wild Cisco warns of two more SD-WAN bugs under active attack LexisNexis Legal & Professional confirms data breach Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover Patch these 4 critical, make-me-root SolarWinds bugs ASAP CISA gives feds 3 days to patch actively exploited Dell bug CISA gives feds 3 days to patch actively exploited Dell bug Google fixes exploited Chrome CSS zero-day Critical Microsoft bug from 2024 under exploitation Apple patches decade-old iOS zero-day exploited in the wild Microsoft's Valentine's gift to admins: 6 zero-day fixes Microsoft's Valentine's gift to admins: 6 zero-day fixes Critical SolarWinds Web Help Desk bug under attack Critical React Native Metro dev server bug under attack Critical React Native Metro dev server bug under attack OpenClaw patches one-click RCE as security Whac-A-Mole continues Ivanti's January bad luck continues as 0-days hit customers Critical VMware vCenter Server bug under attack Critical VMware vCenter Server bug under attack FortiGate SSO bug still exploitable despite December patch Ancient telnet bug happily hands out root to attackers Cisco plugs up Unified Comms zero-day under active exploit Cloudflare whacks WAF bypass bug that opened side door Cloudflare whacks WAF bypass bug that opened side door Anthropic quietly fixed flaws in its Git MCP server Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch Patch Tuesday update makes Windows PCs refuse to shut down Cisco finally fixes max-severity bug under active attack for weeks Cisco finally fixes max-severity bug under attack for weeks Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm Python libraries in AI/ML models can be poisoned w metadata Python libraries in AI/ML models can be poisoned w metadata Ruh-roh, there's a Cisco ISE bug POC on the loose Ruh-roh, there's a Cisco ISE bug POC on the loose CISA flags exploited Office relic alongside fresh HPE flaw Critical n8n bug allows unauthenticated server takeover Logitech mouse mayhem traced to expired dev certificate 'Heartbleed of MongoDB' under active exploit Microsoft fixes Message Queuing issue in new update Microsoft fixes Message Queuing issue in new update Critical-rated WatchGuard Firebox flaw under active attack HPE OneView RCE bug scores a perfect 10 Apple, Google forced to issue emergency 0-day patches Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit Microsoft RasMan 0-day gets an unofficial patch and exploit New React vulns leak secrets, invite DoS attacks Google fixes super-secret 8th Chrome 0-day Microsoft fixes Windows shortcut flaw exploited for years Microsoft fixes Windows shortcut flaw exploited for years Two Android 0-day bugs patched, plus 105 more fixes Fortinet finally cops to critical bug under active exploit Cisco warns of 'new attack variant' battering firewalls Docker Compose vulnerability opens door to host-level writes Microsoft issues out-of-band patch for critical WSUS flaw Vulnerable Rust crate exposes uv Python packager Oracle rushes out another emergency E-Business Suite patch 50K Cisco firewalls remain vulnerable to advanced attacks Exploits using GoAnywhere perfect-10 bug confirmed Critical Cisco firewall holes under active attack SonicWall releases rootkit-busting firmware update SolarWinds patches critical RCE - for the third time Fortra discloses 10/10 severity bug in GoAnywhere MFT OpenAI plugs ShadowLeak bug in ChatGPT Google pushes emergency patch for Chrome 0-day Apple backports patch to older kit after 0-day exploitation
Attacker gets into France's DB listing all bank accounts
2026-02-23 · via The Register - Security: Patches

REG AD

Security

Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records

PLUS: Unpatched Ivanti boxes under attack; 0APT might not be a scam; AI gets better at helping cyber-scum; And more

INFOSEC IN BRIEF An unknown attacker accessed the French government’s database listing every bank account in the country and made off with 1.2 million records.

France’s Ministry of Economics, Finance and Industrial and Digital Sovereignty last week revealed the incident took place in January, after unknown attackers used stolen credentials to access the database.

The Ministry said the attacker's access was restricted immediately upon discovery of the attack, but that the miscreant still managed to access personal information about 1.2 million accounts, including account numbers, account holder’s addresses, and tax identification numbers.

REG AD

France’s government has mobilized the agencies that fight this sort of incident, and warned account holders to be on the lookout for suspicious messages.

REG AD

0days in Ivanti's EPMM under attack

Palo Alto Networks' Unit 42 reported last week that the pair of zero-days in Ivanti Endpoint Manager for Mobile (EPMM) that the vendor patched last month are proving popular with attackers.

According to Unit 42 researchers, cyber-scum are aware of the two 9.8-rated CVEs – CVE-2026-1281 and CVE-2026-1340 – and are targeting unpatched systems.

State and local governments, healthcare, manufacturing, professional and legal services, and the tech sector in the US, Germany, Australia, and Canada have all been peppered by attackers leveraging those vulnerabilities.

Unit 42 reports that attackers have tried to exploit them by establishing a reverse shell, installing web shells, downloading malware, and conducting reconnaissance in a search for further vulnerabilities.

The researchers noted that patches are available for both vulnerabilities and point out that installation doesn’t require downtime, so deserves a prominent place on owners’ to-do lists.

0APT a hoax? Not so fast, say researchers

You may recall in last week's security roundup that we wrote about GuidePoint Security’s opinion that a group calling itself 0APT appears to be a fake gang using other cybercriminals' ill-gotten data to pass off as their own.

REG AD

Researchers with security firm Cyderes' Howler Cell threat research team reached out to warn us not to ignore the group, as there are signs it's a real threat.

According to Howler Cell's research, 0APT's initial presence might be mostly fake, but "the operators behind 0APT are running an active Ransomware-as-a-service platform with functional malicious payloads and a working affiliate model."

Howler Cell warns that the bluff may have been an attempt to attract attention, like we said, but not just to scam victims – they may also be trying to attract affiliates by making quick reputation gains.

Howler Cell said that it managed to access the group's ransomware-as-a-service portal, collecting malware samples that were fully viable and just waiting to be deployed.

"The 0APT ransomware demonstrates a clear focus on reliability, operator configurability, and secure cryptographic implementation, aligning with modern trends in Rust‑based ransomware development," Howler Cell said.

You've been warned.

AI helps cybercrims move faster, do more

AI is rapidly becoming a cybercriminal's best friend, serving as a force multiplier that is increasing attacker success rates at each stage of a campaign.

REG AD

Unit 42 said in its 2026 Global Incident Response Report published last week that AI contributed to a quadrupling of exfiltration speeds in 2025, making it one of the most dangerous emerging threats for the coming year.

"AI is changing the economics of intrusions," Unit 42 said in the report. "It increases attacker speed, scale and effectiveness while opening entirely new attack vectors."

We've known that AI has helped cybercriminals for a while. Unit 42's report, however, suggests whatever trends we've seen to date are only going to accelerate and make the problem worse.

AI is enabling attackers to move faster to exploit vulnerabilities, with Unit 42 saying it has seen signs that attackers are using AI to help them scan for exposed vulnerabilities within 15 minutes of a CVE being announced.

"Exploitation attempts often begin before many security teams have even finished reading the vulnerability advisory," Unit 42 noted. AI assistance has meant that time-to-exfiltration can be as little as 25 minutes, according to Unit 42's simulations.

AI is further lowering the barrier to entry for new attackers too, by making it easy to personalize social engineering exploits and keeping them free of the spelling and grammar errors that betray their nature.

Constant vigilance and a new line of defenses will be needed to keep up with this latest generation of AI threats, tips for which are included in the Unit 42 report.

Tenga leaks customer details

Sex toy manufacturer Tenga said a "limited segment" of its US customer base who interacted with company support reps have had their details spilled.

Cybercriminals obtained correspondence history and customer email addresses (no other PII or financial information, but even that limited bit of data could get embarrassing) by probing a single employee's email account, the company said.

It seems a malicious email campaign may also be involved using the addresses obtained by the digi-crook, as Tenga is also warning customers caught in the leak not to open suspicious attachments.

The company said it's already been in touch with affected customers, and said it intends to use more protection to prevent another such incident in the future. ®