Aggregator

白帽世界大会HACKPROVE WORLD2025全议题公布Hello, Hackers!全球仅占1%的白帽精英在他们的世界里没有国界与种族的界限代码和智力是唯一的共同语言HACKPROVE WORL

与君同行 共筑安全岁末将至，感谢 2024 年与 MiSRC 一路同行的小伙伴们。为了回馈为网络安全默默付出的白帽师傅们，MiSRC 将于12月21日在北京举办颁奖典礼。MiSRC 将携手多家合作伙伴

A vulnerability was found in Oracle Adaptive Access Manager 11.1.1.5/11.1.1.7/11.1.2.1/11.1.2.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library lib/commons-beanutils-1.8.0.jar of the component OAAM Server. The manipulation of the argument this leads to improper input validation. This vulnerability is known as CVE-2014-0114. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

HomeWindowsPowerToys v0.87.0 更新，新建+ 功能支持 Windows 10，预览窗格支持 .ahk 文件、高级粘贴的 AI 功能

A vulnerability was found in Zeroo HTTP Server 1.5. It has been classified as critical. Affected is an unknown function of the component GET Request Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2002-2416. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data breach that impacted millions of users in the bloc, in what's the latest financial hit the company has taken for flouting stringent privacy laws. The Irish Data Protection Commission (DPC) said the data breach impacted approximately 29 million

Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €

「因材施教」，在 AI 时代有了新意义。整理 | Li Yuan编辑 | 靖宇因材施教，是从有教育这个概念开始，人类就一直有的教育梦想。然而受限于现实因素，在过去，将教育普及到所有人身边，已经十分困难

把大模型拉下神坛。整理 | 连冉编辑 | 靖宇两年前，大模型刚兴起时，周鸿祎开始用四个「你相不相信」呼吁现场建立 AI 信仰，从此踏上「AI 布道者」之路。去年，作为国内第一批发布大模型的互联网公司，

「因材施教」，在 AI 时代有了新意义。

把大模型拉下神坛。

What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire organization. However, as cyber threats intensify, it’s clear that overseeing cybersecurity operations enterprise-wide is not feasible for just one person. In 2025, I foresee a shift in CISO accountability. Security will be a business-wide responsibility As security touches and impacts every aspect of the organization, it’s no surprise that it will … More →

The post CISO accountability: Navigating a landscape of responsibility appeared first on Help Net Security.

A vulnerability, which was classified as critical, was found in WPC Shop as a Customer for WooCommerce Plugin up to 1.2.8 on WordPress. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-12432. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Video Share VOD Plugin up to 2.6.30 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12449. The attack may be initiated remotely. There is no exploit available.