Aggregator

近日，国家互联网信息办公室、公安部联合公布了《人脸识别技术应用安全管理办法》，对应用人脸识别技术处理人脸信息的基本要求、处理规则、应用安全规范、监督管理职责等作出规定，旨在进一步扎紧人脸信息保护的“篱...

近日，国家网信办、工业和信息化部、公安部、国家广播电视总局联合发布《人工智能生成合成内容标识办法》，将于今年9月1日起施行。

近日，北京市互联网信息办公室等三部门印发《北京市数据跨境流动便利化综合配套改革实施方案》。

意见反馈截止日期为2025年4月15日前。

关于第二届“长城杯”铁人三项赛（防护赛）决赛入围队伍名单公示的通知

Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time

本研究旨在系统性分析Prompt注入的类型、攻击方式及防御策略，以提升大模型的安全性。

A vulnerability was found in Pretty Links Plugin up to 1.5.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component URL Parameter Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2011-4595. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Инновационный метод позволяет хакерам навсегда сохранить доступ к скомпрометированным системам.

韩国个人信息安全法律法规及企业实践参考

Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens

A vulnerability classified as problematic has been found in MediaView Plugin up to 1.1.2 on WordPress. This affects an unknown part. The manipulation of the argument ID leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2481. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in smackcoders Export All Posts, Products, Orders, Refunds & Users Plugin up to 2.13 on WordPress and classified as critical. This issue affects the function returnMetaValueAsCustomerInput. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2025-2332. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. This vulnerability affects the function getBookList of the file /admin/bookList?page=1&limit=10. The manipulation of the argument condition leads to sql injection. This vulnerability was named CVE-2025-2831. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-2832. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to inefficient regular expression complexity. This vulnerability is traded as CVE-2025-2833. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. This vulnerability is known as CVE-2025-2835. The attack can be launched remotely. Furthermore, there is an exploit available.