Aggregator

速更换

强烈建议开发者审查composer.json文件，并立即移除任何由nhattuanbl撰写的软件包。

OpenAI introduced Codex Security⁠, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities. The launch comes a few weeks after rival Anthropic unveiled its Claude Code Security tool. Codex Security (Source: OpenAI) The feature is available in research preview via Codex Web for ChatGPT Pro, Enterprise, Business, and Edu customers, with free access for the next month. Previously known as Aardvark, Codex Security launched last year in a private beta … More →

The post OpenAI joins the race in AI-assisted code security appeared first on Help Net Security.

从“筑墙”到“狩猎”：特朗普政府重塑美国网络空间战略

行业大模型可能是提示词注入攻击的风险重灾区

Currently trending CVE - Hype Score: 3 - A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing maliciously crafted web content may lead to memory corruption.

Currently trending CVE - Hype Score: 3 - This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access sensitive user data.

Почему модернизация не спасла владельца Cocorico от убытков?

上周关注度较高的产品安全漏洞(20260302-20260308)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞314个，其中高危漏洞168个、中危漏洞128个、低危漏洞18个。

本周五见！

A newly discovered vulnerability is challenging the long-held belief that macOS systems are inherently immune to malware. Security researchers from Kaspersky’s Global Research and Analysis Team (GReAT) have identified a critical flaw that allows threat actors to execute malicious code on Macs simply by processing a tampered image file. ExifTool, a widespread open-source utility for […]

The post Critical ExifTool Flaw Lets Malicious Images Trigger Code Execution on macOS appeared first on Cyber Security News.

Обновись или засветись – главный совет для тех, кто до сих пор сидит на старом Viber.

A severe vulnerability affecting multiple Hikvision products was added to the Known Exploited Vulnerabilities (KEV) catalog on March 5, 2026. Tracked globally under CVE-2017-7921, this security flaw poses a significant risk to organizations that rely on these popular surveillance systems. The flaw enables malicious users to bypass standard security checks, escalate their privileges, and gain […]

The post Hikvision Multiple Products Vulnerability Allows Malicious Users to Escalate Privileges appeared first on Cyber Security News.

FBI 通过瑞士邮件服务商 Proton Mail 提供的信息识别了亚特兰大抗议组织 Defend the Atlanta Forest/Stop Cop City 领导人的身份。Proton Mail 坚称它必须遵守瑞士的法律。Stop Cop City 官方 FB 账号使用的邮箱是 [email protected]，FBI 援引《司法互助条约（Mutual Legal Assistance Treaty 或 MLAT）》，请求瑞士司法部向 Proton Mail 索取信息。瑞士与逾 30 个国家签订了 MLAT。Proton 向瑞士司法机构提供了信息，然后由瑞士转交给了 FBI。Proton AG 通讯主管 Edward Shone 表示，该公司没有直接向 FBI 提供信息，相关信息是 FBI 通过瑞士司法部获取到的。

A wave of counterfeit AI-powered browser extensions has silently breached over 20,000 enterprise environments, compromising the chat histories of employees who routinely used AI tools for work. These malicious Chromium-based extensions disguised themselves as legitimate AI assistant tools and accumulated close to 900,000 installs before the threat was surfaced. What made these extensions particularly alarming […]

The post Microsoft Warns Fake AI Browser Extensions Compromised Chat Histories Across 20,000+ Enterprise Tenants appeared first on Cyber Security News.

本文详细解析了Android高版本（7.0+）小程序与APP抓包的技术难点与完整解决方案。核心痛点在于系统安全策略升级：Android 7.0默认不信任用户证书，9.0禁用明文HTTP，10+支持TLS1.3，13+采用QUIC/HTTP3协议，导致传统抓包工具失效。

Контроль переходит к посторонним моментально. Для взлома даже не нужны специальные навыки.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding multiple Apple vulnerabilities currently facing active exploitation. On March 5, 2026, CISA added three security flaws affecting macOS, iOS, iPadOS, and other Apple products to its Known Exploited Vulnerabilities (KEV) catalog. This addition warns network defenders that threat actors are actively leveraging […]

The post CISA Warns of macOS and iOS Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.