Aggregator

Knostic是一家专注AI安全的初创公司，创新提出“需知访问控制”框架，解决LLM部署中的数据泄露风险。

《中国人民银行业务领域数据安全管理办法》已经2025年4月2日中国人民银行第5次行务会议审议通过，现予发布

本文利用无监督学习技术，通过聚类算法在流量样本中识别相似模式，以实现对Tor用户的画像分析。

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents," Qualys security researcher Akshay Thorve said in a technical report. "The attack chain leverages mshta.exe for

费城儿童医院与宾夕法尼亚大学医学团队利用定制的 CRISPR 基因编辑疗法，成功治愈了一名患有罕见遗传病的儿童。研究报告发表在《New England Journal of Medicine》期刊上。该突破将为治疗目前尚无有效疗法的罕见疾病打开新的大门。这名患儿名为 KJ，出生时即患有严重的氨基甲酰磷酸合成酶1（CPS1）缺乏症，这是一种极为罕见的代谢性疾病——每 130 万名婴儿中仅发病 1 例，患病婴儿会因氨代谢不正常而死亡。出生后的最初几个月，他一直在医院接受严格的饮食控制和管理。2025 年 2 月，在他大约 6—7 个月大的时候，接受了第一次定制开发的基因编辑疗法。治疗过程安全顺利，目前KJ已健康地成长。团队设计并实施了一种基于碱基编辑技术的疗法。这种疗法通过脂质纳米颗粒将基因编辑工具输送至肝脏，从而修复其体内的缺陷酶。KJ于2025年2月下旬首次接受这种实验性疗法输注，随后在3月和4月分别接受了第二和第三剂治疗。截至2025年4月，在接受三剂治疗后，KJ未出现严重副作用。在接受治疗后不久，他便能够耐受更高的膳食蛋白质摄入量，所需的氮清除剂剂量也明显减少。但还需要更长时间的随访以全面评估该疗法的长期疗效和安全性。

Даже через HTTPS видно, где вы работаете, что любите и кого поддерживаете — и это не баг, а стандарт.

Google released emergency security updates to fix a Chrome vulnerability that could lead to full account takeover. Google released emergency security updates to address a Chrome browser vulnerability, tracked as CVE-2025-4664, that could lead to full account takeover. The security researcher Vsevolod Kokorin (@slonser_) discovered the vulnerability, which stems from an insufficient policy enforcement in […]

A vulnerability was found in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer. It has been rated as critical. This issue affects some unknown processing of the component Data Center Analytics. The manipulation leads to use of less trusted source. The identification of this vulnerability is CVE-2025-1245. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Contact Form Builder with Drag & Drop Plugin up to 2.4.2 on WordPress. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-3201. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Simple Lightbox Plugin up to 2.9.3 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-3516. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Плата, которая умеет больше, чем кажется — от автонастройки до Wi‑Fi 7.

A vulnerability was found in Status2k. It has been rated as critical. This issue affects some unknown processing of the component Admin Panel. The manipulation leads to code injection. The identification of this vulnerability is CVE-2014-5090. The attack may be initiated remotely. Furthermore, there is an exploit available.

В ленте вместо танцев — облака, музыка и просьба расслабиться.

官方将对被骗汇款的客户进行赔偿

A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. This vulnerability is uniquely identified as CVE-2025-4807. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=back_order/view_bo. The manipulation of the argument ID leads to sql injection. This vulnerability is handled as CVE-2025-4806. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #572238 / VDB-309261

Submit #572219 / VDB-309260

Submit #572172 / VDB-309072