Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks 好的，我现在需要帮用户总结一篇文章的内容，控制在100个字以内，而且不需要用“文章内容总结”这样的开头。首先，我得仔细阅读这篇文章，了解主要信息。 文章讲的是伊朗的网络攻击组织MuddyWater对以色列多个行业发动的新一轮攻击。他们使用了新的后门MuddyViper，通过钓鱼邮件和漏洞利用来入侵系统。此外，还提到了他们使用的其他工具和手段，比如Fooder加载器、VAXOne等。 接下来，我需要提取关键点：攻击目标是哪些行业？使用了什么工具？攻击手法是什么？有没有提到其他相关事件？比如Charming Kitten泄露事件。 然后，我要把这些信息浓缩成100字以内的摘要。要注意用词简洁，涵盖主要攻击目标、使用的工具和手法，以及可能的背景信息。 可能会遇到的问题是如何在有限的字数内涵盖所有重要点而不遗漏关键信息。需要权衡哪些信息最重要，哪些可以省略或简化。 最后，检查字数是否符合要求，并确保语言流畅自然。 </think> 伊朗网络攻击组织MuddyWater针对以色列学术界、工程、地方政府等多领域发起新一波攻击，利用未记录的后门MuddyViper及钓鱼邮件等手段入侵系统。该组织隶属伊朗情报部门，长期针对以色列及中东地区实施网络间谍活动，并利用多种恶意软件窃取敏感数据。... 2025-12-2 13:37:0 | 阅读: 2 | 收藏 | The Hacker News - thehackernews.com muddywater fooder loader iranian remote

SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities 文章介绍了漏洞管理的重要性及传统工具的不足，并推荐了SecAlerts这一高效、经济的解决方案。SecAlerts通过实时跟踪软件漏洞、过滤噪音并提供定制化警报，在云端运行且无需安装，帮助企业节省资源并提升安全性。... 2025-12-2 11:30:0 | 阅读: 1 | 收藏 | The Hacker News - thehackernews.com secalerts software stacks noise

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild Google发布安卓系统月度安全更新，修复107个漏洞，包括两个已被利用的高危漏洞（信息泄露和权限提升）及一个可能导致远程拒绝服务攻击的关键漏洞。... 2025-12-2 07:17:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com security exploited shipped remediate

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud 好的，我现在需要帮用户总结一篇文章的内容，控制在100字以内，而且不需要特定的开头。首先，我得仔细阅读文章，理解主要内容。 文章主要讲印度要求手机制造商预装一款名为Sanchar Saathi的安全应用。这款应用不能被删除或禁用，功能包括举报诈骗、垃圾信息、恶意链接，阻止被盗手机使用，并允许用户检查自己名下的手机号码数量。此外，它还能报告伪装成国内电话的国际来电，帮助打击网络犯罪和维护国家安全。 接下来，文章提到这款应用自2023年5月推出以来下载量超过1140万次，成功阻止和找回了大量丢失设备。印度政府还要求制造商通过软件更新将应用推送到已流通的手机中。最后，文章比较了俄罗斯的做法，预装MAX应用，并限制Telegram和WhatsApp的使用。 现在我需要将这些信息浓缩到100字以内。重点包括：印度要求预装安全应用Sanchar Saathi、功能、下载量及成效、政府措施以及与俄罗斯政策的比较。 可能的结构：印度要求预装安全应用Sanchar Saathi用于防范网络犯罪和维护国家安全；该应用可举报诈骗、恶意链接等；已下载1140万次，成功找回72万设备；政府要求通过软件更新推送；类似俄罗斯强制预装MAX并限制 messaging apps。 </think> 印度要求手机制造商预装安全应用Sanchar Saathi以防范网络犯罪和维护国家安全。该应用可举报诈骗、垃圾信息及恶意链接，并追踪丢失设备。自推出以来已下载1140万次，成功找回72万设备。政府要求通过软件更新推送该应用至现有手机，并效仿俄罗斯强制预装本土应用以加强监管。... 2025-12-1 17:55:0 | 阅读: 3 | 收藏 | The Hacker News - thehackernews.com india citizens russia telecom

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware ShadyPanda组织通过非法浏览器扩展进行长达七年的网络攻击活动，累计安装量超430万次。这些扩展最初伪装成合法工具，后被植入恶意代码以窃取用户数据并控制浏览器功能。部分扩展甚至通过Google认证获取信任，并利用自动更新机制传播恶意软件。... 2025-12-1 17:29:0 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com malicious visited wetab koi shadypanda

⚡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More Hacking News / CybersecurityHackers aren't kicking down the door anymore. They just use the same... 2025-12-1 12:47:0 | 阅读: 2 | 收藏 | The Hacker News - thehackernews.com security malicious attackers microsoft github

Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams The AI browser wars are coming to a desktop near you, and you need to start worrying about their se... 2025-12-1 11:55:0 | 阅读: 1 | 收藏 | The Hacker News - thehackernews.com security agentic injection network flight

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model... 2025-12-1 08:45:0 | 阅读: 1 | 收藏 | The Hacker News - thehackernews.com remote albiriox lures vnc

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets Malware / Threat IntelligenceThe threat actor known as Tomiris has been attributed to attacks targ... 2025-12-1 05:7:0 | 阅读: 1 | 收藏 | The Hacker News - thehackernews.com reverse c2 tomiris implants python

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV Hacktivism / VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has upd... 2025-11-30 09:23:0 | 阅读: 0 | 收藏 | The Hacker News - thehackernews.com oast security twonet scadabr attacker

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could pote... 2025-11-28 16:27:0 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com distribute python malicious setuptools pypi

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware Supply Chain Attack / MalwareThe North Korean threat actors behind the Contagious Interview campai... 2025-11-28 16:18:0 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com ottercookie contagious chrome vercel development

Why Organizations Are Turning to RPAM Enterprise Security / Threat DetectionAs IT environments become increasingly distributed and organ... 2025-11-28 11:9:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com rpam privileged remote pam security

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants Email Security / Enterprise SecurityCybersecurity researchers have shed light on a cross-tenant bl... 2025-11-28 08:33:0 | 阅读: 5 | 收藏 | The Hacker News - thehackernews.com microsoft security victim attacker invitation

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan Malware / Social EngineeringThe threat actor known as Bloody Wolf has been attributed to a cyber a... 2025-11-27 18:13:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com netsupport wolf uzbekistan bloody kyrgyzstan

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update Web Security / Zero TrustMicrosoft has announced plans to improve the security of Entra ID authent... 2025-11-27 15:37:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com microsoft security entra inject

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-l... 2025-11-27 10:3:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com phishing security malicious microsoft

Gainsight Expands Impacted Customer List Following Salesforce Security Alert Ransomware / Cloud SecurityGainsight has disclosed that the recent suspicious activity targeting... 2025-11-27 07:3:0 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com gainsight salesforce shinysp1d3r ransomware slsh

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after... 2025-11-26 18:8:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com github hulud posthog software malicious

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist South Korea's financial sector has been targeted by what has been described as a sophisticated s... 2025-11-26 14:31:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com ransomware qilin korean bitdefender wave