Aggregator

A vulnerability classified as problematic has been found in timschofield webERP up to 5.0.0.rc+13. This affects an unknown part of the file ConfirmDispatch_Invoice.php of the component Confirm Dispatch and Invoice Page. The manipulation of the argument Narrative leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2715. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue. The vendor was contacted early about this disclosure but did not respond in any way.

NetFoundry unveiled a new version of its OT security platform enabling customers to secure critical infrastructure, including for on-premises and air-gapped environments such as substations. The announcement meets three customer demands: Software-only, interoperable, vendor-neutral, OT microsegmentation Secure connectivity to IT and OEMs, without exposing the OT network while mitigating against data exfiltration Reduced costs of firewalls, SIEM, SOAR, analytics, data lakes and storage “NetFoundry secures critical infrastructure on three continents, so we listen to our … More →

The post NetFoundry OT security platform protects critical infrastructure appeared first on Help Net Security.

未成年人在面对“乱花渐欲迷人眼”的网络信息时缺少相应的过滤能力，很容易在不知不觉间沉迷其中。对此，加强网络伦理、网络文明建设，发挥道德教化引导作用，用人类文明优秀成果滋养网络空间，显得尤为重要。

某互联网企业高管13岁的女儿“开盒”网暴他人却被“反开盒”。这场闹剧，像一面照妖镜，映射出数字时代个人信息安全形势不容乐观。公众的追问集中在：小小年纪，是怎么轻易拿到别人隐私信息的？

为实现场景数据价值效用的乘数倍增与充分释放，亟需打通我国关联领域目前在数据供给、数据流通、数据评估、数据标准、数据开放、数据共享等层面的堵点，以“场景化加工能力”与“多样化共享体系”两大要点共同构建具有国际化样板意义的高质量场景数据集。

《人工智能生成合成内容标识办法》及其配套国家强制性标准《网络安全技术 人工智能生成合成内容标识方法》，是对我国人工智能算法治理体系的进一步完善。

近年来，人脸识别技术不断取得突破，因其高效便捷而被广泛使用，并迅速融入人们的日常生活。这项技术正以前所未有的速度重塑着人们的生活方式，极大地提升了社会运行效率。然而，人脸识别技术在广泛应用过程中，也存在着不容忽视的安全隐患。

根据工作需要，按照《事业单位人事管理条例》和事业单位公开招聘有关政策规定，中国信息安全测评中心2025年度拟公开招聘工作人员。

Currently trending CVE - Hype Score: 3 - ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can ...

Currently trending CVE - Hype Score: 1 - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process ...

A cyberattack on Ukraine’s national railway operator Ukrzaliznytsia disrupted online ticket services, causing long lines at Kyiv’s station. The Record Media first reported the news of a cyber attack on Ukraine’s national railway operator Ukrzaliznytsia that disrupted online ticket services, causing long lines at Kyiv’s station. The incident led to overcrowding and long delays as […]

Создатель фиктивного ИИ привлёк $33 млн через схему взаимных платежей.

Google 和计算机历史博物馆联合公布了 AlexNet 的源代码，代码发布在博物馆的 GitHub 账户上，采用 BSD 2-Clause "Simplified" 许可证。AlexNet 是一种卷积神经网络 (CNN)，它在 2012 年发布时被认为改变了 AI 领域，代表着深度学习能做到传统 AI 技术无法做到的事情，在 AI 发展中具有里程碑意义。AlexNet 能以接近人类的正确率准确识别照片中的物体。它源自多伦多大学研究生 Alex Krizhevsky、Ilya Sutskever 及其导师 Geoffrey Hinton 的工作，证明深度学习能胜过传统的计算机视觉方法。Google 在 2013 年收购了研究团队创办的 DNNresearch 公司，从而拥有了其知识产权。

A vulnerability classified as critical was found in Apple iOS and iPadOS. Affected by this vulnerability is an unknown functionality of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-27808. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple macOS. Affected by this issue is some unknown functionality of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-27808. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple visionOS. This affects an unknown part of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-27808. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple watchOS and classified as critical. This vulnerability affects unknown code of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-27808. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple Safari and classified as critical. This issue affects some unknown processing of the component Web Contents Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-27808. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple tvOS. It has been classified as critical. Affected is an unknown function of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-27808. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been rated as critical. Affected by this issue is some unknown functionality of the component Web Contents Handler. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-27820. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.