Aggregator

企业版产品火绒终端安全管理系统由于产品发展规划，中心V2.0.16.0及以上版本将不再支持Windows Server 2008及以下系统，请火绒用户避免在以上环境下继续运行中心，以免影响您的管控。

IBM 宣布了最新的 z17 大型机，每秒能处理最多 27 万亿次操作，性能比 2022 年发布的 z16 快 50%，预计夏天上市。z17 使用了 Telum II 处理器，是 z16 使用的 Telum 处理器的升级版，为 8 核、频率 5.5GH，配有 360MB 虚拟 L3 缓存和 2.88GB 虚拟 L4 缓存。Telum II 还引入了旨在帮助加速 AI 工作负载的新数据处理单元等功能。Telum 一代使用三星 7 纳米工艺制造，二代尚无更多信息。

GitGuardian's State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid growth of non-human identities (NHIs), which have been outnumbering human users for years. We need to get ahead of it and prepare security measures and governance for these machine identities as they continue to be deployed, creating an

Microsoft has uncovered a sophisticated ransomware campaign exploiting a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The vulnerability allows attackers to escalate privileges from a standard user account to SYSTEM level, enabling widespread deployment of ransomware within compromised environments. Exploitation Details The exploit, deployed by the threat actor known […]

The post Ransomware Group Actively Exploits Windows CLFS Zero-Day Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Currently trending CVE - Hype Score: 17 - An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Currently trending CVE - Hype Score: 18 - A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

Currently trending CVE - Hype Score: 1 - OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

Currently trending CVE - Hype Score: 7 - Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed ...

While developing our Security Training Lab educational program, we at ANY.RUN have turned to well-established theories of education, cognitive skill development, and the psychology of learning. Their foundational principles emphasize one critical truth: practice is indispensable for mastering complex skills.   In the field of cybersecurity—especially in malware analysis—the ability to apply theoretical knowledge in […]

The post Why Practice Is Key to Training Top Malware Analysts and How ANY.RUN Supports It appeared first on ANY.RUN's Cybersecurity Blog.

It comes as no surprise that as the incidence of cybercrime increases, cybersec teams are becoming faster at detecting threats. 

The post The Invisible Data Battle: How AI Became a Cybersec Professional’s Biggest Friend and Foe appeared first on Security Boulevard.

分享一篇文章。

2025年4月9日（北京时间），微软发布了2025 年 4月安全更新，共发布了124个CVE的补丁程序，同比上月增加了66个。

分享一篇文章。

2025年4月9日（北京时间），微软发布了2025 年 4月安全更新，共发布了124个CVE的补丁程序，同比上月增加了66个。

Исследователи зафиксировали массовую эксплуатацию бреши с начала апреля.