Aggregator

李继刚老师之前在即刻发了一条“知识星球是时间的朋友”，并告诉我他的感受： - 知识星球的结构，就是沉淀，越陈越香。 - 现在有了 AI，配合积累的文字，有机会发挥。 他把写过的 Prompt 都沉淀到一个星球里了。 知识星球后续会更快地实验知识库的能力，争取让沉淀出效果。

After nearly four decades as a symbol of frustration and failure for PC users worldwide, Microsoft is officially retiring the iconic Blue Screen of Death (BSOD) in favor of a new, sleeker Black Screen of Death. The change, set to roll out later this summer with Windows 11 version 24H2, marks the most significant visual […]

The post Windows Says Goodbye to Blue Screen of Death, Introduces Black Screen appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security公司推出名为LakeVilla的数据湖工具，作为SIEM平台的低成本替代方案。该工具可将不活跃的遥测数据存储于云对象存储中，并支持直接查询和回放。通过减少冷数据存储成本和优化SIEM中的数据量，帮助企业更高效地发现异常行为并应对 telemetry 数据爆炸带来的挑战。

Abstract Security this week added a data lake, dubbed LakeVilla, to a portfolio of tools for migrating data between cybersecurity tools to provide a less expensive alternative to a security information event management (SIEM) platform for storing data.

The post Abstract Security Adds Data Lake to Reduce Storage Costs appeared first on Security Boulevard.

Весь Open VSX стал потенциальным оружием хакеров.

Hackers have begun actively exploiting a critical vulnerability that grants them full control over thousands of servers, including those performing vital functions in data centers. This alarming development has prompted a warning from the...

The post CISA Warns: Critical AMI MegaRAC Firmware Flaw (CVE-2024-54085, CVSS 10.0) Actively Exploited for Server Takeover appeared first on Penetration Testing Tools.

A vulnerability has been found in BuddyPress Docs Plugin up to 2.2.4 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Download File Handler. The manipulation leads to authorization bypass. This vulnerability was named CVE-2025-5526. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in WP Map Block Plugin up to 2.0.2 on WordPress. This affects an unknown part of the component Block Option Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-5194. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Responsive Lightbox & Gallery Plugin up to 2.5.1 on WordPress. Affected by this issue is some unknown functionality of the component Swipebox Library. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-5093. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Firelight Lightbox Plugin up to 2.3.15 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-5035. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclosed by Mitsubishi Electric on June 26, 2025, and has been assigned a maximum CVSS base score of 9.8, indicating its severity. Authentication Bypass […]

The post Mitsubishi Electric AC Flaw Lets Hackers Remotely Control Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft is preparing a significant overhaul of the infamous Blue Screen of Death (BSOD) in Windows. As part of the Windows Resiliency Initiative, the iconic blue error screen will be replaced by a new...

The post Windows 11 Retires Blue Screen of Death: New Black Crash Screen Focuses on Faster Diagnostics appeared first on Penetration Testing Tools.

Google DeepMind 新开发的 AI 模型 AlphaGenome 能帮助科学家解析基因组序列中的“暗物质”——非编码区，了解它们如何影响细胞内部运作并导致癌症等疾病的发生。从事非商业工作的研究人员现可使用 API 通过 DeepMind 的服务器访问该模型。在人类基因组序列中，98% 是不直接参与蛋白质编码合成的基因，即非编码区，但它们可以影响蛋白质活性，并包含了大量与疾病相关的变异位点。弄清楚 DNA 序列的作用很难，因为没有现成的答案，就像 AlphaFold 预测蛋白质3D结构一样。从吸引一组细胞机器附着在染色体的特定部分并将附近的基因转录为 RNA 分子，到吸引影响基因表达发生地点、时间和程度的转录因子，单个 DNA 片段具有许多相互关联的作用。例如许多 DNA 序列通过改变染色体的 3D 形状影响基因活性，从而限制或简化转录机器的访问。几十年来，科学家开发了数十种 AI 模型理解基因组。其中许多都集中在单个任务上，例如预测基因表达水平或确定外显子是如何被剪切并拼接到不同蛋白质中的。而 AlphaGenome 正是一个“一体化”解释 DNA 序列的工具。AlphaGenome 可以处理多达 100 万个 DNA 碱基，这可能包括一个基因和无数个调节元件，并能针对多种生物特性进行数千次预测。而且，AlphaGenome在预测过程中对单个 DNA 碱基的变化十分敏感，这意味着科学家可以预测突变的影响。

有网友因相机电池无3C认证标志被机场安检员拦下，后经虹桥机场澄清新规仅针对充电宝等产品。

GreyNoise警告Progress MOVEit Transfer系统自5月27日起遭遇大量扫描活动，可能预示新一轮攻击。该工具常用于传输敏感数据，成为攻击目标。过去90天内标记682个IP地址，多数来自美国。已检测到针对CVE-2023-34362和CVE-2023-36934漏洞的低强度攻击尝试。建议用户封锁IP、更新软件并避免公开暴露系统。

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data

A new wave of malicious npm packages has been uncovered, linked to the ongoing Contagious Interview operation, which has been attributed to North Korean threat actors. The discovery was made by the cybersecurity firm...

The post North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs appeared first on Penetration Testing Tools.

文章指出当前环境异常，需完成验证后方可继续访问。

文章指出当前环境出现异常，需完成验证后才能继续访问。

A cybercriminal group has begun exploiting the popular ConnectWise ScreenConnect software to craft malware bearing a legitimate digital signature, thereby enabling the covert installation of remote access tools on victims’ devices. This alarming tactic...

The post EvilConwi Unmasked: Hackers Weaponize Signed ConnectWise ScreenConnect Installers for Malware Deployment appeared first on Penetration Testing Tools.