Aggregator

AutoBackdoor:通过大语言模型代理实现自动化后门攻击

Seebug Paper
6 months 3 weeks ago
作者:Yige Li, Zhe Li, Wei Zhao, Nay Myat Min, Hanxun Huang, Xingjun Ma, Jun Sun 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2511.16709v1 摘要 后门攻击对大型语言模型(LLMs)的安全部署构成严重威胁,攻击者可通过该攻击植入由特定输入触发的隐藏行为。然而,现有...

NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation

Security Boulevard
6 months 3 weeks ago

SANTA CLARA, Calif., Nov 25, 2025 – Recently, NSFOCUS Generative Pre-trained Transformer (NSFGPT) and Intelligent Security Operations Platform (NSFOCUS ISOP) were recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation [1]. Frost & Sullivan Best Practices Recognition awards companies each year in […]

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on Security Boulevard.

NSFOCUS

美国人延长了手机使用寿命

Solidot
6 months 3 weeks ago
Heather Mitchell 手中的一部 Galaxy A71 智能手机已使用了六年之久,过去 26 年她一共使用了 5 部手机,每部都用到不能用为止。根据 Reviews.org 的调查,美国人每部智能手机的平均使用寿命从 2016 年的 22 个月延长到了今天的 29 个月。延长设备使用寿命在短期内可能省钱,但长期看可能损害经济。美联储发表的一项研究称,企业每推迟一年升级设备,生产率就会下降约0.33%。

CVE-2025-59485 | Intercom Security Point of MaLion up to 5.3.3 on Windows DLL File Parser uncontrolled search path (EUVD-2025-199589)

VulDB Recent Entries
6 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Intercom Security Point of MaLion up to 5.3.3 on Windows. Impacted is an unknown function of the component DLL File Parser. This manipulation causes uncontrolled search path. This vulnerability is handled as CVE-2025-59485. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-64693 | Intercom Security Point of MaLion prior 7.1.1.9 on Windows Request heap-based overflow (EUVD-2025-199587)

VulDB Recent Entries
6 months 3 weeks ago
A vulnerability classified as critical was found in Intercom Security Point of MaLion and Security Point of MaLionCloud on Windows. This issue affects some unknown processing of the component Request Handler. The manipulation results in heap-based buffer overflow. This vulnerability is known as CVE-2025-64693. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.
vuldb.com

Microsoft’s Update Health Tools Configuration Vulnerability Let Attackers Execute Arbitrary Code Remotely

Cyber Security News
6 months 3 weeks ago

A critical remote code execution (RCE) vulnerability in Microsoft’s Update Health Tools (KB4023057). A widely deployed Windows component designed to expedite security updates through Intune. The flaw stems from the tool connecting to dropped Azure Blob storage accounts that attackers could register and control.​ How the Vulnerability Works The vulnerability exists in version 1.0 of the Update […]

The post Microsoft’s Update Health Tools Configuration Vulnerability Let Attackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.

Abinaya

CVE-2025-62691 | Intercom Security Point of MaLion prior 7.1.1.9 on Windows Request stack-based overflow (EUVD-2025-199588)

VulDB Recent Entries
6 months 3 weeks ago
A vulnerability classified as critical has been found in Intercom Security Point of MaLion and Security Point of MaLionCloud on Windows. This vulnerability affects unknown code of the component Request Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-62691. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-10646 | Search Exclude Plugin up to 2.5.7 on WordPress REST API get_rest_permission authorization (EUVD-2025-199549)

Vuldb Updates
6 months 3 weeks ago
A vulnerability classified as problematic has been found in Search Exclude Plugin up to 2.5.7 on WordPress. Affected is the function Base::get_rest_permission of the component REST API. This manipulation causes missing authorization. The identification of this vulnerability is CVE-2025-10646. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-59373 | ASUS MyASUS 3.1.2.0 System Control Interface permission assignment (EUVD-2025-199530)

Vuldb Updates
6 months 3 weeks ago
A vulnerability was found in ASUS MyASUS 3.1.2.0 and classified as critical. Affected is an unknown function of the component System Control Interface. Executing manipulation can lead to incorrect permission assignment. This vulnerability is tracked as CVE-2025-59373. The attack is restricted to local execution. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-9803 | lunary-ai lunary up to 1.9.34 Google OAuth improper authentication (EUVD-2025-199529)

Vuldb Updates
6 months 3 weeks ago
A vulnerability has been found in lunary-ai lunary up to 1.9.34 and classified as critical. The affected element is an unknown function of the component Google OAuth. This manipulation causes improper authentication. This vulnerability is tracked as CVE-2025-9803. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.
vuldb.com

Managed ad