Aggregator

三人一AI，推翻苹果5年安全神话

其数据规模庞大且极具敏感性，令人担忧

Интернет-ограничения превратились из политической новости в бытовую проблему номер один.

“CCF-INFORSEC网络空间安全前沿创新论坛”将于2026年5月23日（周六）在中国科学院计算技术研究所一层报告厅举办，报名即将截止，名额有限，欲报从速！

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

攻击者借助 pidfd_getfd() 在进程退出竞争窗口窃取已打开的文件描述符，可读取 /etc/shadow 与 SSH 私钥等敏感文件。

A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of Microsoft Exchange Server: Subscription Edition RTM, 2019, and 2016. Exchange Online is not affected. Flagged by an anonymous researcher, the vulnerability allows an unauthorized attacker to perform spoofing over a network. “An attacker … More →

The post Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) appeared first on Help Net Security.

AI 接管 Fuzzing，告别手工发包

一项对 50 万成年人的睡眠时间和衰老迹象进行的大规模分析，确定了一个最佳的睡眠时间：每天睡 6至 8 小时与较低的早逝及患病风险有关。多于或少于这一时长都会加速衰老。这项研究并不意味着 6 至 8 小时适合所有人，也不能证明每天满足这个“黄金睡眠”时间要求就能直接改善健康或延缓衰老。但它确实为睡眠与人体衰老的相互关系提供了一个迄今最全面的概览。研究结果支持了一个颇具前景的假说，即调整睡眠时间可能是降低衰老相关疾病风险的一条可行途径。研究团队分析了睡眠时间与 23 种生物衰老时钟的关系，后者覆盖了 17 个人体器官的衰老特征。这些时钟分别基于蛋白水平、代谢物含量及医学影像特征构建。结果发现，多数器官呈现 U 形衰老规律，但曲线最低点（最佳睡眠时间）并不总是在同一位置。例如，基于心脏蛋白的衰老时钟显示，6小时睡眠对应了最佳健康状态；而脑部蛋白时钟显示，8 小时睡眠效果最优。此外，在某些情况下，男女的最佳睡眠时间存在差异。总体来看，与睡眠时间过长或过短的人相比，每天睡眠维持在6至8小时的人衰老更慢、健康状况更好，2型糖尿病、抑郁症等疾病的发生率也更低。

过去十几年，中国 SaaS 没能复制海外企服软件繁荣。但 AI Agent 的兴起可能改变这一点：组织协作需要共享数据、权限、流程和审计，Agent 反而可能成为中国 SaaS 的新需求入口。

Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The default Rocky Linux experience stays exactly what it has always been: predictable, stable, and fully upstream-compatible. Administrators who want access to accelerated fixes can opt in when they need it,” Eric Hendricks of the Rocky … More →

The post Rocky Linux launches opt-in security repository for urgent fixes appeared first on Help Net Security.

最近，德国的TSCM专家，分享了在对客户的iPhone手机进行物理检查和拆解过程中，在设备内部发现了额外的音频窃听模组。 这些硬件展示出窃听者的独特技术手段和独创性的实现方式。如图中所示，本期展示的真实案例中，是一部 iPhone 13 Pro Max。 ■ 技术分析： 原装电池已被替换，增加了一个额外的模组，该模组包含： • 微型麦克风 • SIM 卡 • Wi-Fi 模块 • 内置存储 这类窃听模组使攻击者能够： • 监听通话，包括即时通讯软件中的对话 • 录制手机周围的环境音频 • 即使手机未处于使用状态，也能收集周边信息 根据技术分析，该模块能够自主运行。并且录制的数据会定期通过 Wi-Fi在后台上传——主要是在夜间手机充电时。 ■ 如何实现 在案件调查过程中，经确认该iPhone手机是当前持有者（某大型企业核心高管）曾收到的一份电子礼物。 ■结论：针对企业核心高层的真实监控手段，远比大多数人想象的要夸张的多。 过去近10年，RC²反窃密实验室的TSCM检测团队在为多个100强企业检测时，一直在为相关主管提供现场手机检测，在威胁情报+专业便携式X光机的配合下，所有电路电池模组一览无遗。 更多全球真实窃密案例，以及 iPhone手机窃听实例，尽在RC²系列商业秘密保护课程，欢迎企业为核心管理层选择「DCCE高管隐私保护专项课」。 #威胁情报 #商业秘密保护 #TSCM #商业安全 #隐私保护

BrainCipher勒索团伙公布新的受害公司，abyss勒索团伙公布新的受害公司，kairos勒索团伙公布新的受害公司。

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]

A vulnerability was found in pektsekye Notify Odoo Plugin up to 1.0.1 on WordPress. It has been classified as problematic. This issue affects the function _updateSettings of the component Setting Handler. This manipulation causes cross-site request forgery. The identification of this vulnerability is CVE-2026-8425. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in justinkruit Advanced Custom Fields Plugin up to 5.0.2 on WordPress and classified as problematic. This vulnerability affects the function update_preview. The manipulation results in cross site scripting. This vulnerability was named CVE-2026-6415. The attack may be performed from remote. There is no available exploit.

A vulnerability has been found in AVB Disc Soft DAEMON Tools Lite up to 12.5.0.2434 and classified as critical. This affects an unknown part of the file daemon-tools.cc. The manipulation leads to embedded malicious code. This vulnerability is uniquely identified as CVE-2026-8398. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Krajowa Izba Rozliczeniowa SzafirHost up to 1.2.0. Affected by this issue is some unknown functionality of the component JAR File Handler. Executing a manipulation can lead to unrestricted upload. This vulnerability is handled as CVE-2026-44088. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in techlabpro1 Classified Listing Plugin up to 5.3.10 on WordPress. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in missing authorization. This vulnerability is known as CVE-2026-7563. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.