Aggregator
新 Helix 语音钓鱼团伙现身,发起 SharePoint 数据窃取攻击
The open source library holding up your stack might have one maintainer
Every serious software product runs on code that someone else wrote and released for free. A web service leans on a cryptography library, a data pipeline pulls in a parser, and a mobile app ships a handful of small utilities that one person maintains in spare time. All of it carries the same label. A new paper argues that the single label hides differences large enough to change how each piece behaves once it lands … More →
The post The open source library holding up your stack might have one maintainer appeared first on Help Net Security.
每周高级威胁情报解读(2026.07.03~07.09)
CVE-2026-12123 | plugins360 All-in-One Video Gallery Plugin up to 4.8.5 on WordPress Request vdl server-side request forgery
CVE-2026-12276 | LA-Studio Element Kit Plugin up to 1.6.0 on WordPress User Registration authorization
CVE-2026-12685 | EscortWP Plugin up to 3.6.2 on WordPress backdoor
Most data brokers won’t tell you what happened to your deletion request
Data brokers collect personal details on most adults in the United States and sell them to buyers that include employers, landlords, insurance companies, and government agencies. California gives residents a way to push back. You can ask a broker to delete your records, or to stop selling and sharing them. A team at UC Irvine decided to find out what happens when someone sends those requests to the whole California registry. The answer gives consumers … More →
The post Most data brokers won’t tell you what happened to your deletion request appeared first on Help Net Security.