Aggregator

A vulnerability was found in Plixer Scrutinizer up to 19.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /debug/. Such manipulation leads to information exposure through debug log file. This vulnerability is listed as CVE-2023-41263. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Plixer Scrutinizer up to 19.3.0. The affected element is an unknown function of the file /fcgi/scrut_fcgi.fcgi of the component csvExportReport Endpoint. This manipulation of the argument sorting causes sql injection. This vulnerability appears as CVE-2023-41262. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

寻找漏洞驱动,利用白驱动强杀Windows Defender

Kepler нашел «вторую Землю» и сразу же умер, забрав доказательства с собой.

近日，“谛听”团队杨鹤晨博士撰写的论文《RL-ACID: Reinforcement Learning-Optimized Adaptive Causal Discovery for Robust Anomaly Detection in Industrial Systems》被国际期刊《IEEE Transactions on Industrial Informatics》录用。

Nacos-spring-context 2.1.1及之前版本存在XXE漏洞，因DocumentBuilderFactory未禁用外部实体导致远程文件读取与SSRF。

漏洞来源影响版本Letta 0.7.12漏洞描述letta-ai Letta 0.7.12 中的 letta.server.rest_api.routers.v1.tools.run_tool_from_source 存在远程代码执行漏洞，允许远程攻击者通过精心构造的有效载荷向 /v1/tools/run 端点执行任意 Python 代码和系统命令，从而绕过预期的沙箱限制。漏洞成因位于 /v1/t

当前，利用人工智能、区块链、深度伪造等新技术实施的电信网络诈骗、网络勒索、涉虚拟货币犯罪和跨境赌博等新型网络犯

网络犯罪的蔓延成为数字时代不可回避的治理难题。从跨境诈骗形成的“开发—引流—洗钱”全链条，到AI换脸技术催生的新型犯罪形态，传统治理模式已难以应对技术迭代带来的挑战。

为有效遏制网络犯罪源头、整治网络犯罪生态，提升人民群众网络安全感和满意度，经充分调研论证，公安部起草了《网络犯

一名优秀特工，往往具备常人难以企及的敏锐观察力和洞察细节的能力。这种“慧眼”绝非天生，而是通过系统严格的训练磨炼而成。

OpenAI previously confirmed that it's testing ads in ChatGPT for free and $8 Go accounts, and now we're seeing early signs of that rollout, at least on Android. [...]

手机智能的代价是使用用户隐私数据？以苹果为例，看看在使用 Siri 时哪些隐私数据被不安全的传到云端

A critical vulnerability in Moltbook, the nascent AI agent social network launched late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for its registered entities amid hype over 1.5 million “users.” Researchers revealed an exposed database misconfiguration allowing unauthenticated access to agent profiles, enabling bulk data extraction. This […]

The post Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys appeared first on Cyber Security News.

OpenAI has confirmed that it's retiring ChatGPT's most popular model called GPT-4o and several other models, including GPT-5 Instant, GPT-5 Thinking, GPT-4.1, GPT-4.1 mini, and o4-mini. [...]

Currently trending CVE - Hype Score: 11 - Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Name: ATC Winter Vibes Community CTF 2.0 (an ATC Winter Vibes Community CTF event.)
Date: Jan. 30, 2026, 2 p.m. — 31 Jan. 2026, 14:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://atcwintervibesctf.com/
Rating weight: 0.00
Event organizers: ATC CTF Team

Name: RCS CTF 26 (an Republic of Cyber Sentinals event.)
Date: Jan. 30, 2026, 7 p.m. — 31 Jan. 2026, 14:00 UTC  [add to calendar]
Format: Jeopardy
On-site
Location: Lovely Professional University, Jalandhar
Offical URL: https://encryptedge.in/
Rating weight: 0.00
Event organizers: EN¢R¥PT_EDGE€

苹果改进线上商店购机流程 Mac 订单全面改为「自选配置」模式；NASA 新一代超级计算机「雅典娜」宣布投用；苹果早期稀有藏品拍出逾 810 万美元「庆典」Apple‑1 原型板成最大赢家