Aggregator

作者：Xiaoqing Wang, Keman Huang, Bin Liang, Hongyu Li, Xiaoyong Du 译者：知道创宇404实验室翻译组 原文链接：https://arxiv.org/html/2511.18467v1 摘要 基于大语言模型（LLM）的多智能体系统的快速发展极大地简化了软件开发任务，使缺乏技术专业知识的用户也能开发可执行应用程序。这些系统通过自然语言...

error code: 521

Homelinuxbluetui – 运行在 Linux 终端里，带图形界面的蓝牙管理工具

安全智能体的尽头，是MCP？

多份2025年行业报告显示，大约 50%–61% 的新披露漏洞会在 48小时内出现可利用的攻击代码。

Слухи о сделке Google и Meta заставили Nvidia нервничать.

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

The European Union’s Cyber Resilience Act (CRA) has captured global attention because of the new

The EU’s Cyber Resilience Act is reshaping global software security expectations, especially for SaaS, where shared responsibility, lifecycle security and strong identity protections are essential as attackers increasingly “log in” instead of breaking in.

The post The Cyber Resilience Act and SaaS: Why Compliance is Only Half the Battle  appeared first on Security Boulevard.

2025年11月26日 15:49软件资讯01.39K #软件资讯 Plex 从本周开始执行新规则严格禁止未订阅用户通过 Roku OS 应用远程访问 Plex 媒体服务器内容，即要么

2025年网络空间安全学术会议拟于12月5-7日在海口举行

A vulnerability was found in Tax Service Electronic HDM Plugin up to 1.2.0 on WordPress and classified as problematic. Affected is an unknown function. Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2025-12061. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in ASR Lapwing_Linux on Linux and classified as critical. This impacts an unknown function of the file Code/nr_fw/DLP/src/NrCgi.C. This manipulation causes out-of-bounds read. This vulnerability is registered as CVE-2025-13735. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

The holiday shopping season no longer starts with doorbusters or glittering storefronts. It now

AI-enabled cybercriminals are exploiting the holiday shopping season with precision phishing, account takeovers, payment skimming and ransomware, forcing retailers to adopt real-time, adaptive defenses to keep pace.

The post AI Cybercriminals Target Black Friday and Cyber Monday appeared first on Security Boulevard.

Vectra AI announced Vectra AI Shield for Microsoft, a purpose-built solution that enables channel partners and MSSPs to deliver unified visibility and control across Microsoft Entra ID, Microsoft 365, Copilot for M365, and Azure Cloud in a single AI-powered platform. Closing the Microsoft visibility gap While Microsoft’s native tools provide broad coverage, many organizations — and the partners that protect them — still face blind spots across hybrid and identity-based attacks. Fragmented products, inconsistent alerts, … More →

The post Vectra AI unifies threat visibility across Microsoft environments appeared first on Help Net Security.

We've just released a tool that fixes a particularly annoying problem for those trying

Ostorlab introduced the AI Pentesting Engine for Mobile Applications, bringing automated, AI‑driven penetration testing to mobile security. The new engine helps security teams and developers uncover, validate, and safely exploit vulnerabilities that tools miss or bury in noise, so they can prioritize fixes with confidence. Behind the scenes, the AI engine learns complex app behaviors, navigates authentication and session constraints, and confirms exploitability with proof‑of‑concept evidence. The result is a concise, verified list of issues … More →

The post Ostorlab brings automated, proof-backed mobile app security testing appeared first on Help Net Security.

Легальный софт Syncro стал инструментом взлома. Что нужно знать, чтобы не попасться.