Aggregator

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. Affected is the function mr_mfc_uses_dev of the component ipmr. The manipulation leads to state issue. This vulnerability is traded as CVE-2025-21719. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been rated as problematic. This issue affects some unknown processing of the file net/mptcp/protocol.c of the component mptcp. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-21705. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been declared as problematic. This vulnerability affects unknown code of the file net/sched/sch_sfq.c of the component net_sched. The manipulation leads to improper validation of array index. This vulnerability was named CVE-2024-57996. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. It has been classified as critical. This affects the function usb_hub_to_struct_hub. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-21776. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Как работает новая схема Anubis?

一项新研究表明，长期暴露在极端高温下可能会加速老年人的生物学衰老。生物学年龄是衡量人体在分子、细胞及系统水平上运作状况的指标，它不同于基于出生日期的时间年龄。 生物学年龄高于时间年龄通常意味着更高的疾病和死亡风险。虽然长期以来，暴露于极端高温已被证明会带来健康风险，包括更高的死亡率，但高温与生物学衰老之间的关系仍然不清楚。研究人员分析了 3600 多名年龄在 56 岁及以上的“美国健康与退休研究（HRS）”参与者的生物学年龄变化情况。研究人员在为期六年的研究期间，在不同时间点采集参与者的血液样本，分析其表观遗传变化，并估算每个时间点的生物学年龄。随后，他们将参与者的生物学年龄变化与其所在地 2010 至 2016 年间的热指数历史记录和美国国家气象局报告的高温天数进行比对。研究结果显示，居住在较多高温天数地区的个体，其生物学年龄增加的幅度显著高于较少高温天数的地区，这一关联在控制了社会经济因素、人口以及生活方式（如体育活动、饮酒和吸烟）等变量后仍然存在。

该服务旨在实现设备端内容扫描，但由于其安装过程隐蔽且缺乏透明度，引发了广泛的隐私担忧。

作者：启明星辰ADLab 原文链接：https://mp.weixin.qq.com/s/FVVes7UIK_OORUk3fXy9mQ 一、概述 近日，DeepSeek连续不断地开源了多个项目，一时间引发了关于GPU底层优化的热潮，这在如今国内算力被广泛打压的背景下，给我国在现代高性能计算（HPC）和人工智能（AI）领域带来了希望，其中尤其引人瞩目的是关于底层PTX优化技术引入，这在一定程度...

FBI has confirmed that North Korean hackers stole $1.5 billion from cryptocurrency exchange Bybit on Friday in the largest crypto heist recorded until now. [...]

The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company's CEO Ben Zhou declared a "war against Lazarus." The agency said the Democratic People's Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster

佩托悖论（Peto's paradox）指在物种水平上，癌症的发生率似乎与生物体中的细胞数量无关。例如尽管鲸鱼的细胞数量多于人类，但人类的癌症发病率远高于鲸鱼。本周发表在 PNAS 期刊上的一项新研究再次否定了佩托悖论。研究人员分析了来自两栖动物、鸟类、哺乳动物和爬行动物四大动物类群的 263 个物种的癌症数据。结果显示体型较大的动物良性肿瘤和恶性肿瘤的发病率都更高。研究人员还发现，像大象这样在较短的进化时间尺度上迅速进化为大型的物种，发展出了更好的天然抗癌机制。大象的癌症风险与老虎大致相同，而老虎的体型仅为大象的十分之一。平均而言，大型物种比小型物种更容易患癌症。但有一小部分物种的癌症发病率远高于或远低于其体型所预期的水平。普通虎皮鹦鹉的癌症发病率比其体型所预期的高出40多倍，而其体重不足 30 克。而裸鼹鼠几乎没有任何癌症记录。

Vendor Providing Employee Screenings Across Multiple Sectors Reports Cyber Incident
DISA Global Solutions, a third-party administrator of background checks and drug and alcohol testing for employers in multiple industries, said 3.3 million individuals are affected by a data theft incident that happened a year ago. The firm is already facing several lawsuits involving the breach.

Swedish Prime Minister Proposed Fast-Tracking Bill to Surveil Minors
A proposal by the Swedish prime minister to fast track legislation allowing police to surveil minors could cause end-to-end encrypted chat app Signal to leave the country. The government in effect is asking for backdoor access, said Signal President Meredith Whittaker.

CEO Raymond Brancato: Ex-Skybox Customers Get Express Onboarding, Flexible Pricing
Tufin has purchased select Skybox assets and business information, focusing on migrating affected customers to its platform. CEO Raymond Brancato outlines the company's transition strategy, including special pricing, dedicated support and plans to hire former Skybox Security employees.

Republicans Block Probe into Cyber Workforce Cuts, DOGE Access to Federal Systems
Republican lawmakers on the U.S. House Homeland Security Committee blocked a Democratic effort to investigate Elon Musk’s access to sensitive federal networks and the impact of President Donald Trump’s hiring freeze on an already strained cyber workforce.

大致流程1，先在攻击机上编写好含有恶意代码的类，编译成class文件。其中有我们要执行的命令，开启web服务2，还需要在攻击机上利用jar包部署rmi服务。3，通过payload请求攻击机上的rmi服

知道创宇404实验室星链计划项目更新情况。

知道创宇404实验室星链计划项目更新情况。

知道创宇404实验室星链计划项目更新情况。

条件竞争引起的命令执行