Aggregator
Qilin
1 week 1 day ago
You must login to view this content
cohenido
Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools
1 week 1 day ago
The notorious Russian cyberespionage group Fancy Bear, also known as APT28, has intensified its operations against governments and military entities worldwide using an arsenal of sophisticated new tools and techniques. Active since 2007, this state-sponsored threat actor has established itself as one of the most persistent and dangerous cyber adversaries, with a documented history of […]
The post Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools appeared first on Cyber Security News.
Tushar Subhra Dutta
Прыжок в пекло ради науки. 18 июля NASA запустит SNIFS к Солнцу
1 week 1 day ago
15 минут, чтобы найти причину больших бурь и вернуться на Землю.
CVE-2025-46002 | Filemanager up to 2.5.0 HTTP Request filemanager.php path traversal (Exploit 38945 / EUVD-2025-21878)
1 week 1 day ago
A vulnerability was found in Filemanager up to 2.5.0 and classified as critical. Affected by this issue is some unknown functionality of the file filemanager.php of the component HTTP Request Handler. The manipulation leads to path traversal.
This vulnerability is handled as CVE-2025-46002. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13175 | Vidco VOC Tester up to 12.40.x authorization
1 week 1 day ago
A vulnerability has been found in Vidco VOC Tester up to 12.40.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to authorization bypass.
This vulnerability is known as CVE-2024-13175. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-46001 | Filemanager 2.3.0 PHP File is_allowed_file_type unrestricted upload (Exploit 38895 / EDB-38895)
1 week 1 day ago
A vulnerability, which was classified as critical, was found in Filemanager 2.3.0. Affected is the function is_allowed_file_type of the component PHP File Handler. The manipulation leads to unrestricted upload.
This vulnerability is traded as CVE-2025-46001. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
UK sanctions Russian hackers, spies as US weighs its own punishments for Russia
1 week 1 day ago
The hackers were allegedly involved in operations against Ukraine and a Russian on U.K. soil, the latter with malware tied to U.S. 2016 election interference.
The post UK sanctions Russian hackers, spies as US weighs its own punishments for Russia appeared first on CyberScoop.
Tim Starks
【资料】利用美军情报杂志实测各种AI的总结能力
1 week 1 day ago
今天从官方网站下载了美军两百多份各种资料,所有资料均已上传开源情报大模型中-资料共享-《美军出版物》文件夹。
Akira
1 week 1 day ago
You must login to view this content
cohenido
Akira
1 week 1 day ago
You must login to view this content
cohenido
狗看电视的模式
1 week 1 day ago
美国研究人员招募了数百名狗主人收集狗与电视互动的方式。研究考察了狗看电视习惯的趋势,包括主人是否尝试教狗看电视,主人电视每周打开的平均小时数,以及狗关注电视的平均秒数。对狗的评估内容包括它们对动物刺激物、非动物刺激物的反应,以及追随屏幕上的物体的程度。研究发现狗更容易对屏幕上看见的动物而不是其他刺激物作出反应,约 45% 的狗总是能对狗叫和狗吠这类狗噪声作出反应。主人报告为易兴奋的狗被发现会更频繁地追随屏幕上的物体,就好像这些物体存在于现实世界中一样。易害怕或焦虑的狗更容易对汽车喇叭或门铃这类非动物刺激物有反应。调查的狗看电视的平均时长为 14 分 8 秒。
Минцифры изменит правила отсрочки для айтишников: кого включат в весну-2026
1 week 1 day ago
Что предлагает ведомство?
3 Ways Security Teams Can Minimize Agentic AI Chaos
1 week 1 day ago
Security often lags behind innovation. The path forward requires striking a balance.
Josh Lemos
Выключи метаболизм — и живи вечно. Яйцеклетки преподают нам уроки бессмертия
1 week 1 day ago
Как же так выходит, что организм изнашивается, а они — нет?
美国法官允许作家对 Anthropic 盗版数百万电子书提起集体诉讼
1 week 1 day ago
上个月美国联邦法官裁决 Anthropic 使用书籍训练 AI 是合理使用,但使用盗版书籍训练并不是。法庭文件显示,Anthropic 从盗版网站下载了逾 700 万本书籍。它还购买了数百万本纸质书,拆开装订扫描了每一页,将其以数字形式存储。现在对于使用盗版书籍训练大模型,加州地区法官 William Alsup 允许起诉 Anthropic 侵权的作家代表全美作家提起集体诉讼。Anthropic 从盗版电子书库 LibGen 和 PiLiMi 下载了多达 700 万电子书,在 2021 年和 2022 年创建了一个巨大的存储库。如果作家们胜诉,Anthropic 可能需要赔偿数十亿美元损失。
国防科技大学 | 针对大型语言模型的离线文本对抗攻击
1 week 1 day ago
在本文中,研究了针对大型语言模型(LLMs)的文本对抗攻击,并提出了Offline-Attack。设计了一个对抗机器翻译(AMT)框架,并构建了一个大规模的对抗数据集来对其进行训练。
Top 10 Malware Q2 2025
1 week 1 day ago
Total malware notifications from MS-ISAC monitoring services decreased 18% from Q1 2025 to Q2 2025. Read our Top 10 Malware Q2 2025 for more.
Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon
1 week 1 day ago
A sophisticated malware campaign targeting Ivanti Connect Secure VPN devices has been actively exploiting critical vulnerabilities CVE-2025-0282 and CVE-2025-22457 since December 2024. The ongoing attacks demonstrate advanced persistent threat techniques, deploying multiple malware families including MDifyLoader, Cobalt Strike Beacon, vshell, and Fscan to establish long-term access to compromised networks. The attack begins with threat actors […]
The post Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon appeared first on Cyber Security News.
Tushar Subhra Dutta
Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
1 week 1 day ago
Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, the flaws span registry permission misconfigurations, a weakness in the Device Encryption component, and an issue in the Windows installer running under the SYSTEM account. […]
The post Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution appeared first on Cyber Security News.
Guru Baran