Aggregator

Submit #701826 / VDB-334669

本篇文章前期主要是给师傅们介绍LLM提示词注入攻击&AI大模型“越狱”的相关知识点，后期主要是给师傅们拿本地大模型演示如何进行大模型提示词注入和“越狱”相关安全问题操作的。 这篇文章很大的弥补了网上很多文章只有理论，但是没有想过大模型提示词注入和“越狱”的实操了，也是很多师傅们问我说这个方向很空洞的一个原因。所以这次我带了很多案例，师傅们也是很容易看的懂的操作。

Пока мир охлаждает квантовые системы до абсолютного нуля, поляки поймали терагерц при 20°C.

「年轻人，不要怕，没什么可怕的。」

国际原子能机构发表报告，它的一个小组完成了对切尔诺贝利核电站新安全防护罩（New Safe Confinement）的全面安全评估。防护罩在今年的一次无人机袭击中严重受损，外壳起大火。报告确认防护罩失去了其主要安全功能，包括防辐射外泄的能力，但同时也发现其承重结构和监测系统未遭受永久损坏。防护罩于 2010 年开始建造，2019 年竣工，设计使用寿命为 100 年。项目耗资 21 亿欧元，资金来自 45 个以上国家和组织的捐助，被誉为核安全领域有史以来规模最大的国际合作。

今日暂未更新资讯~
更多最新文章，请访问SecWiki

KiSystemCall64是Windows x64系统中的内核例程，作为用户态程序通过syscall指令进入内核态的统一入口。KiSystemCall64钩子技术的核心在于对 IA32_LSTAR MSR 寄存器的精密操控，通过替换系统调用入口点，实现对所有系统调用的统一拦截。

Пока девочки аккуратно выводят цифры, мальчики срезают углы и побеждают.

A vulnerability marked as critical has been reported in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edit_user.php. The manipulation of the argument fname leads to sql injection. This vulnerability is uniquely identified as CVE-2025-14226. The attack is possible to be carried out remotely. Moreover, an exploit is present. Other parameters might be affected as well.

Submit #701801 / VDB-334668

A vulnerability labeled as critical has been found in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-14225. The attack can be executed remotely. Additionally, an exploit exists.

Twee F-35’s van de luchtmacht zijn vanmorgen opgestegen om een onbekend object in het Nederlands verantwoordelijkheidsgebied te identificeren. Het object vloog op een hoogte in het Nederlands luchtruim waar identificatie en communicatie met de verkeersleiding verplicht is, maar maakte zich niet kenbaar door bijvoorbeeld radioverkeer of een transponder. De inzet van de gevechtsvliegtuigen betrof een zogeheten Quick Reaction Alert (QRA) op aanwijzing van het Air Operations Control Station in Nieuw Milligen.

A vulnerability identified as critical has been detected in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. This vulnerability is known as CVE-2025-14224. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #701774 / VDB-334667

Submit #701748 / VDB-253069

A vulnerability categorized as critical has been discovered in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. This vulnerability is traded as CVE-2025-14223. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Employee Profile Management System 1.0. It has been rated as critical. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. This vulnerability appears as CVE-2025-14222. The attack may be initiated remotely. In addition, an exploit is available.

Submit #701673 / VDB-334666