译文语言

"Scattered Spider"成员"Tylerb"认罪

24岁英国公民、网络犯罪组织"Scattered Spider"高级成员泰勒·罗伯特·布坎南承认犯有电信欺诈共谋和加重身份盗窃罪。他承认在2022年夏季参与了一系列短信钓鱼攻击，使该组织入侵了至少十几家大型科技公司，并从投资者处窃取了价值数千万美元的加密货币。

相关报道

Two 10.0 severity Spinnaker vulns give attackers RCE and production access
8.5
Two critical vulnerabilities in Spinnaker, rated 10.0 in severity, allow attackers to execute remote code and gain access to production environments. The security flaws could enable complete compromise of affected systems.
欧盟数字身份钱包无法兑现其宣称的隐私保护承诺
8.5
欧盟数字身份钱包声称提供强大的隐私保护功能，但技术分析表明其架构存在缺陷，无法真正实现所承诺的隐私属性。该问题涉及钱包核心设计中的隐私保护机制不足，可能影响用户数据安全。
It Takes 2 Minutes to Hack the EU-S New Age-Verification App
7.5
Security researchers discovered that the EU's new age-verification app can be hacked in just two minutes using simple methods. The app, designed to verify users' ages online, contains vulnerabilities that allow easy bypass of its security measures. This raises concerns about the effectiveness of the system for protecting minors.
France's 'Secure' ID agency probes breach as crooks claim 19M records
7.5
France's national identity document agency is investigating a data breach after criminals claimed to have stolen 19 million records. The agency, which issues secure identity cards and passports, has launched a probe into the alleged security incident.
The Vercel and Context AI breach: an AI supply chain attack, step by step
7.5
A security breach involving Vercel and Context AI exposed sensitive data through an AI supply chain attack. The incident demonstrates how vulnerabilities in AI infrastructure can be exploited to access private information. The attack highlights growing security concerns in the AI development ecosystem.

Two 10.0 severity Spinnaker vulns give attackers RCE and production access

8.5

Two critical vulnerabilities in Spinnaker, rated 10.0 in severity, allow attackers to execute remote code and gain access to production environments. The security flaws could enable complete compromise of affected systems.

欧盟数字身份钱包无法兑现其宣称的隐私保护承诺

8.5

欧盟数字身份钱包声称提供强大的隐私保护功能，但技术分析表明其架构存在缺陷，无法真正实现所承诺的隐私属性。该问题涉及钱包核心设计中的隐私保护机制不足，可能影响用户数据安全。

It Takes 2 Minutes to Hack the EU-S New Age-Verification App

7.5

Security researchers discovered that the EU's new age-verification app can be hacked in just two minutes using simple methods. The app, designed to verify users' ages online, contains vulnerabilities that allow easy bypass of its security measures. This raises concerns about the effectiveness of the system for protecting minors.

France's 'Secure' ID agency probes breach as crooks claim 19M records

7.5

France's national identity document agency is investigating a data breach after criminals claimed to have stolen 19 million records. The agency, which issues secure identity cards and passports, has launched a probe into the alleged security incident.

The Vercel and Context AI breach: an AI supply chain attack, step by step

7.5

A security breach involving Vercel and Context AI exposed sensitive data through an AI supply chain attack. The incident demonstrates how vulnerabilities in AI infrastructure can be exploited to access private information. The attack highlights growing security concerns in the AI development ecosystem.