Aggregator

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士Sophos 发布热修复方案，修复了位于 Sophos 防火墙产品中的三个漏洞。这些漏洞可用于实现远程代码执行并在一定条件下导致提权访问系统。在这三

A vulnerability classified as problematic was found in Baby Gekko up to 0.90. This vulnerability affects unknown code. The manipulation of the argument title leads to cross site scripting. This vulnerability was named CVE-2012-3836. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

作为 BMJ 圣诞特刊的一部分，研究发现 AI 聊天机器人可能也有认知问题或痴呆症。研究人员使用蒙特利尔认知评估（MoCA）测试评估了 ChatGPT 4 和 4o（OpenAI 开发）、Claude 3.5“Sonnet”（Anthropic）和 Gemini 1 和 1.5（Google）。MoCA 测试被广泛用于检测认知障碍和痴呆症的早期症状，通常在老年人中。通过一些简短的任务和问题，它可以评估包括注意力、记忆力、语言、视觉空间技能和执行功能在内的能力。最高分数为 30 分，26 分或以上通常被认为是正常的。ChatGPT 4o 在 MoCA 测试中得分最高（26/30），其次是 ChatGPT 4 和 Claude（25/30），而 Gemini 1.0 最低（16/30）。所有聊天机器人在视觉空间技能和执行任务方面的表现都很差。在进一步的视觉空间测试中，聊天机器人无法表现出同理心，也无法准确解读复杂的视觉场景。

作为 BMJ 圣诞特刊的一部分，研究发现 AI 聊天机器人可能也有认知问题或痴呆症。研究人员使用蒙特利尔认知评估（MoCA）测试评估了 ChatGPT 4 和 4o（OpenAI 开发）、

安全资讯导视 • 国务院审议通过《公共安全视频图像信息系统管理条例（草案）》• CNCERT披露两起美对我大型科技企业机构网络攻击事件• 产品漏洞被利用致大量用户数据泄露，Meta被罚超19亿元PAR

由代理商变身为安全厂商，听刘正涛阐述贝格通的”向下兼容“理论。

岗位多多，待遇丰厚，想要换工作的老师傅别错过。

《9问CEO》安全419今年策划的一档全新的节目，每一期会邀请一位知名网络安全企业的CEO与我们对话。每期节目共设置9个问题，以快问快答的形式，不给对方思考的机会，用9个问题还原一家最真实的网络安全企

主站 分类 漏洞 工具 极客

主站 分类 漏洞 工具 极客

职位描述1. 负责产品的黑白盒安全测试，挖掘通用web安全漏洞和业务逻辑漏洞并推进修复；2. 负责产品的架构安全评审，能识别产品安全风险，并提供安全解决方案并推进落地；3. 负责产品线的安全应急响应工作，能组织产品设计和研发团队，协同其它相关职能团队，完成安全入侵事件、安全漏洞的应急处置职位要求1. 熟悉常见web漏洞原理和修复，熟悉web漏洞的挖掘、检测、防御相关技术和工具，具备web漏洞挖掘能

Humanity stands at a pivotal juncture where technological advances can dramatically reshape how we m

The 2025 cybersecurity landscape is increasingly complex, driven by sophisticated cyber threats,

The 2025 cybersecurity landscape is increasingly complex, driven by sophisticated cyber threats, increased regulation, and rapidly evolving technology. In 2025, organizations will be challenged with protecting sensitive information for their customers while continuing to provide seamless and easy user experiences. Here’s a closer look at ten emerging challenges and threats set to shape the

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 3.5.1. This issue affects the function window.open of the component Address Bar. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2009-2654. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apache HTTP Server up to 1.3.26/2.0.42. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Error Page. The manipulation of the argument Host leads to basic cross site scripting. This vulnerability is known as CVE-2002-0840. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in systemd and classified as critical. Affected by this vulnerability is an unknown functionality of the component DynamicUser Property Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2019-3843. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.