Aggregator

把时间花在重要的事情上，减少浪费时间在重复动作上

Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. "Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in a Wednesday analysis. The malicious JavaScript code has been found to be served via cdn.csyndication[

2月28日，习近平总书记在中共中央政治局第十九次集体学习时着重强调，要坚定不移贯彻总体国家安全观，在国家更加安 […]

一旦黑客突破了组织的防御，在网络内部移动和访问信息就相对容易，可能会持续数天甚至数月而未被发现。这对于存储有宝 […]

新闻速览 •合规压力过大，金融机构敦促CISA修订网络事件报告规则 •暗网Nemesis管理员遭美国财政部制裁 […]

A vulnerability was found in ninjateam Notibar Plugin up to 2.1.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-1672. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The identification of this vulnerability is CVE-2025-2043. The attack may be initiated remotely. Furthermore, there is an exploit available.

Пентагон создает невидимый штаб, который научит машины воевать, а людей — доверять.

Submit #513243 / VDB-298787

A vulnerability has been found in huang-yk student-manage 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2025-2042. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in huang-yk student-manage 1.0. This affects an unknown part of the component Edit a Student Information Page. The manipulation of the argument Class leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-13902. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

黑客组织 EncryptHub 通过钓鱼攻击和木马化应用部署勒索软件及窃密程序，利用 PPI 服务扩大攻击。

美国私营太空公司 Firefly Aerospace 3 月 2 日宣布其月球着陆器 Blue Ghost 成功登陆月球表面，成为首个实现月球软着陆的商业公司。NASA 表示，这项公私合作项目成功演示了在月球上使用地基 GPS 导航信号的能力，标志着阿尔忒弥斯登月任务向前迈进了一大步。精确且可靠的导航对执行月球飞行任务的未来宇航员至关重要，但在距离地球 36 万公里的地方传统的导航工具基本没什么用。一种解决方法是将 Global Navigation Satellite System(GNSS) 的数据传输到月球表面以自动测量时间、速度和位置。Blue Ghost 搭载的项目之一就是 NASA 和意大利航天局合作的 Lunar GNSS Receiver Experiment(LuGRE)。LuGRE 依赖于两大 GNSS 星座——GPS 和 Galileo，基于数十颗提供实时跟踪数据的中地球轨道卫星进行三角定位。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。

CrowdStrike 发布 2025 财年第四季度财报，全年收入达 39.5 亿美元，ARR 突破 42.4 亿美元。云安全、身份保护和 SIEM 三大新业务 ARR 总额超 13 亿美元，同比增长近 50%。