Aggregator

2026年中国网络文明大会19日在南宁举行。中共中央政治局委员、中宣部部长李书磊出席并发表主旨演讲。

A vulnerability was found in Microsoft Edge. It has been rated as critical. This impacts an unknown function. This manipulation causes improper input validation. This vulnerability appears as CVE-2026-45495. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

Всего один разговор может превратить обычный день в дорогую ошибку.

Dell Conference Speakers Say 67% of AI Innovation Is Running Outside the Cloud
Dell predicts up to $4 trillion in AI infrastructure investment by 2030, with 67% of AI workloads are already run outside the cloud. If this estimate is even roughly correct, the idea that enterprise AI mainly exists in hyperscaler environments is more of a forced narrative than a market reality.

Satellites Will Be Newest Cyberwar Front
Now that space is becoming a battlefield, cyberwar will be waged there, experts predict, and the race is on to develop cyber defenses that can protect new satellite constellations from foreign cyber-warriors, online spies and even criminal hacker gangs.

HumanBug15 年实战经验，手把手教落地

彻底沦陷！百万级前端组件集体遭遇恶意投毒

看雪论坛作者ID：XCicada

人类中的大多数是右撇子，左撇子占约十分之一。为什么会出现这一倾向？研究人员分析了 41 种灵长类动物，共计 2025 只猴子与猿类的数据，逐一分析了工具使用、食性、栖息环境、体型、社会结构、脑容量、行动方式等各类影响因素。人类的用手倾向与其他灵长类动物存在明显差异。当研究人员将两个关键特征纳入模型中，情况就发生了变化。这两个特征分别是大脑大小及臂长与腿长的比例，这一比例常作为衡量两足行走能力的指标。纳入上述因素后，人类不再被视为特殊的进化产物。研究结果表明，直立行走与脑容量增大的共同作用，或是人类形成强烈右手使用偏好的核心原因。研究人员认为，惯用右手的进化分为两个阶段。首先，直立行走使双手从运动中解放出来，偏爱更专业和不对称的手部使用；其次，随着人类大脑变得更大且更为复杂，对右手的偏好变得愈发强烈且更为普遍。

一份来自360漏洞研究院的AI Agent生态安全体检报告

Mozilla 释出了 Firefox 151。主要新特性包括：更新内置 VPN 支持，改进隐私浏览，Firefox PDF 查看器支持直接合并多个 PDF 文件，Linux 和 macOS 本地配置文件备份支持跨平台恢复，文档画中画 API——提供了比目前的视频画中画 API 更多功能体验，等等。JPEG-XL 原生图像解密器推迟到了下个版本。

Внутренние чаты показали, как устроена экономика вымогательства без глянца и пафоса.

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. "These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the internal network,"

Open source tool maker Grafana says hackers stole codebase via GitHub breach

A vulnerability has been found in gotenberg 8.1.0/8.31.0 and classified as critical. Affected is the function downloadFrom/webhook. Performing a manipulation results in server-side request forgery. This vulnerability was named CVE-2026-42596. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Strapi Upload Plugin. Impacted is an unknown function of the component Content API. Performing a manipulation results in unrestricted upload. This vulnerability is known as CVE-2026-22707. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability identified as problematic has been detected in datahub-project datahub up to 1.5.0.3. This issue affects some unknown processing of the component OIDC Call Handler. Performing a manipulation of the argument REDIRECT_URL results in deserialization. This vulnerability is cataloged as CVE-2026-44501. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Strapi up to 5.36.x. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is traded as CVE-2026-27886. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.