Aggregator

根据发表在《科学》期刊上的一项研究，AI 聊天机器人擅长改变人的政治观点，在使用不准确信息时其说服力更惊人。研究人员通过众包平台招募了近 7.7 万名参与者，付费让他们与 OpenAI、Meta 和 xAI 等公司的 AI 聊天机器人进行对话。研究人员首先询问了参与者在不同政治议题的立场，然后 AI 聊天机器人会尝试改变他们的想法接受相反的立场。研究显示 AI 聊天机器人非常擅长担任政治说客。研究人员发现，AI 提供的大量信息中包含了很多不准确的断言，而“最具说服力的模型和提示策略产生的信息准确率最低”。研究中 AI 聊天机器人给出的声明中有 19% 被认为“基本不准确”。研究人员担心，极具说服力的 AI 聊天机器人可能会被无道德原则的人利用，用于宣传激进的政治或宗教意识形态，或在地缘政治对手之间煽动政治动乱。

American pharmaceutical firm Inotiv is notifying thousands of people that they're personal information was stolen in an August 2025 ransomware attack. [...]

Уязвимость CVE-2025-55182 официально превращается в инструмент массовых атак.

编译器优化嘉年华2025~

Defensie heeft Limburg op het oog voor innovatie, kennisvergroting en meer productie van defensiemiddelen. Voor dat laatste doel groeit bovendien de behoefte aan personeel. De provincie Limburg en het Vista College, dat er MBO-scholen vertegenwoordigt, zien dat wel zitten. Beide partijen en staatssecretaris van Defensie Gijs Tuinman tekenden daarom vandaag een intentieverklaring. 

联合国秘书长技术特使、副秘书长Amandeep Gill与图灵奖得主Yoshua Bengio共同组织，复旦团队特别受邀参加

Russian-backed threat actors continue their sophisticated cyber espionage operations against Western institutions through advanced phishing tactics. Calisto, a Russia-nexus intrusion set attributed to the Russian FSB’s Center 18 for Information Security (military unit 64829), has emerged as a persistent threat targeting NATO research entities and strategic organizations. The group has expanded its attack scope to […]

The post Russian Calisto Hackers Target NATO Research Sectors with ClickFix Malicious Code appeared first on Cyber Security News.

美国国家老龄化研究所在 1980 年代开展了一项研究，参与者分成两组，一组食用均衡的常规饮食，一组减少三成热量摄入。研究最初的目的是调查减少热量摄入是否能延长寿命。参与者都活到了自然死亡。研究人员在他们死后分析了大脑，比较了正常饮食者和限制热量摄入者脑细胞的差异，观察减少热量摄入如何影响与脑细胞衰老相关的基因表达和通路活性。他们发现，限制卡路里摄入的脑细胞在代谢上更健康、功能更强，髓鞘相关基因表达增加，以及与髓鞘生成和维护密切相关的关键代谢通路活性增强。这些发现支持长期饮食干预能从细胞层面影响大脑衰老的轨迹。

The French museum is planning to revamp its safety and security systems following a high-profile burglary in October

Google видит в несколько раз больше интернета, чем OpenAI и Microsoft, и именно это, по словам директора Cloudflare, сейчас ломает будущее сети.

Подробно разбираем, как сетевые и прикладные атаки по-разному рушат инфраструктуру.

Updated December 9, 2025: Check for signs of potential compromise on all internet accessible REACT instances after applying mitigations. For more information, see React Blog: Critical Security Vulnerability in React Server Components.

 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2025-55182 Meta React Server Components Remote Code Execution Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.  

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

Какие приложения не превратятся в тыкву во время блокировок мобильной связи.

A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware, Amnesty International said in a report. The link, the non-profit organization said, is a "Predator attack attempt based on the technical behaviour of the infection

85% космоса могут составлять частицы, движущиеся почти со скоростью света.

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs. This guide helps service providers transform resistance into trust and

A vulnerability, which was classified as problematic, was found in Checkmk up to 2.1.0/2.2.0p45/2.3.0p37/2.4.0p12. Affected by this vulnerability is an unknown functionality of the component GET Request Handler. The manipulation results in use of get request method with sensitive query strings. This vulnerability is identified as CVE-2025-32916. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Dassault Systèmes 3DSwymer. This impacts an unknown function. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-10552. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Dassault Systèmes 3DSwymer. It has been classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-10558. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability identified as problematic has been detected in siderolabs omni up to 1.0.1/1.1.4. The affected element is an unknown function of the component API. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-61688. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.