先知通用漏洞收集计划AI应用专项报名开启!
本期活动持续时间:2026年3月9日9:00至2026年3月18日12:00
Aggregator
恢复、韧性还是持续受损?从网络空间测绘视角看伊以冲突一周态势演变(第二期)
1 month ago
【图说】重庆信通设计院:一图看清 人工智能安全“大模型备案”怎么做
1 month ago
前言:
大模型备案是我国规范生成式 AI 发展的核心监管举措,因技术普及伴生内容、数据、伦理等风险,依托《生成式人工智能服务管理暂行办法》等法规落地,明确面向境内公众的相关服务需备案,通过全流程监管筑牢安全防线,推动行业从野蛮生长转向合规高质量发展,未备案将面临严厉处罚。
来源:重庆信通设计院天空实验室
网络伍豪
«Это фейк», говорит MAX. Хабр проверил и подтвердил проблему. Кому верить?
1 month ago
Пользователь и журналисты говорят о доступе к картинкам по URL, пресс-служба мессенджера называет историю фейком.
Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity
1 month ago
Collaboration is more important than ever—and doable—according to the WEF’s Global Security Outlook 2026 report.
The post Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity appeared first on Security Boulevard.
Teri Robinson
思科:注意已遭利用的两个 Catalyst SD-WAN 管理器 0day 漏洞
1 month ago
速修复
电动汽车充电网络告警:Everon OCCP 后端系统存在严重漏洞
1 month ago
速更换
SLH
1 month ago
You must login to view this content
cohenido
开年连中三元!长亭科技全栈智能安全能力获国家级采购全面认可
1 month ago
👍 👍 👍
PR堆积如山?Code Review太费时间?长亭科技发布免费 AI Code Review 机器人
1 month ago
强势围观!
Спросили у ChatGPT - ответили хакеру. Почему не стоит доверять каждому «умному» помощнику
1 month ago
Новый отчёт Microsoft раскрывает масштаб скрытой слежки за пользователями.
Google Confirms 90 Zero-Day Vulnerabilities Actively Exploited in 2025
1 month ago
The Google Threat Intelligence Group (GTIG) released its annual analysis, confirming that 90 zero-day vulnerabilities were actively exploited in the wild throughout 2025. While this marks a slight decrease from the record 100 zero-days in 2023, it represents a noticeable increase from 2024’s total of 78. According to Google’s researchers, attackers are shifting their focus […]
The post Google Confirms 90 Zero-Day Vulnerabilities Actively Exploited in 2025 appeared first on Cyber Security News.
Abinaya
FBI investigates breach of surveillance and wiretap systems
1 month ago
The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants. [...]
Sergiu Gatlan
CVE-2026-28696 | Craft CMS prior 4.17.0-beta.1/5.9.0-beta.1 GraphQL Directive Elements::parseRefs authorization
1 month ago
A vulnerability classified as problematic was found in Craft CMS. Affected is the function Elements::parseRefs of the component GraphQL Directive Handler. Executing a manipulation can lead to authorization bypass.
The identification of this vulnerability is CVE-2026-28696. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-28783 | Craft CMS prior 5.9.0-beta.1/4.17.0-beta.1 Twig code injection (GHSA-5fvc-7894-ghp4)
1 month ago
A vulnerability was found in Craft CMS and classified as critical. This vulnerability affects unknown code of the component Twig. Such manipulation leads to code injection.
This vulnerability is listed as CVE-2026-28783. The attack may be performed from remote. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-28782 | Craft CMS prior 4.17.0-beta.1/5.9.0-beta.1 authorization (GHSA-jxm3-pmm2-9gf6)
1 month ago
A vulnerability categorized as problematic has been discovered in Craft CMS. The impacted element is an unknown function. The manipulation results in authorization bypass.
This vulnerability is reported as CVE-2026-28782. The attack can be launched remotely. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-28781 | Craft CMS prior 4.17.0-beta.1/5.9.0-beta.1 POST Request authorization (GHSA-2xfc-g69j-x2mp)
1 month ago
A vulnerability identified as problematic has been detected in Craft CMS. This affects an unknown function of the component POST Request Handler. This manipulation causes authorization bypass.
This vulnerability appears as CVE-2026-28781. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2025-70218 | D-Link DIR-513 1.10 /goform/formAdvFirewall stack-based overflow
1 month ago
A vulnerability was found in D-Link DIR-513 1.10. It has been declared as critical. This vulnerability affects unknown code of the file /goform/formAdvFirewall. Executing a manipulation can lead to stack-based buffer overflow.
This vulnerability is tracked as CVE-2025-70218. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-70226 | D-Link DIR-513 1.10 formEasySetupWizard curTime stack-based overflow
1 month ago
A vulnerability, which was classified as critical, was found in D-Link DIR-513 1.10. This vulnerability affects unknown code of the file /goform/formEasySetupWizard. Executing a manipulation of the argument curTime can lead to stack-based buffer overflow.
This vulnerability appears as CVE-2025-70226. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2026-26949 | Dell Device Management Agent up to 26.01 authorization (dsa-2026-105 / EUVD-2026-9446)
1 month ago
A vulnerability, which was classified as critical, has been found in Dell Device Management Agent up to 26.01. This impacts an unknown function. The manipulation leads to incorrect authorization.
This vulnerability is uniquely identified as CVE-2026-26949. Local access is required to approach this attack. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com