Aggregator

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs
9 months 2 weeks ago
Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. Cybersecurity researchers at Hunt.io have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram. ThreatFabric researchers first discovered a […]
Pierluigi Paganini

皮尤调查发现大部分美国工人避用 AI 聊天机器人

Solidot
9 months 2 weeks ago
皮尤研究中心周二公布的一项调查发现,55% 的美国工人很少或从未在工作中使用 AI 工具,29% 的人对其一无所知。只有 16% 的工人报告经常用 ChatGPT、Gemini 或 Copilot 等 AI 聊天工具,使用率最高的是年轻工人,18-29 岁工人中 23% 使用,而研究生学历的工人有 26% 使用。AI 工具主要被用于研究(57%)、编辑内容(52%)和起草报告(47%)。四成的人认为 AI 工具提高了工作速度,但只有 29% 的人认为它显著改进了工作质量。在不使用 AI 工具的工人中,36% 认为它与工作不相关是主要原因。雇主对使用 AI 持中立态度,半数既不鼓励也不阻止。科技业雇主有 36% 积极鼓励使用 AI 聊天机器人,其次是金融服务业的 24%。

CVE-2025-1517 | shaonsina Sina Extension for Elementor Plugin up to 3.6.0 on WordPress ancy Text/Countdown Widget/Login Form cross site scripting

Vuldb Updates
9 months 2 weeks ago
A vulnerability classified as problematic has been found in shaonsina Sina Extension for Elementor Plugin up to 3.6.0 on WordPress. Affected is an unknown function of the component ancy Text/Countdown Widget/Login Form. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-1517. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-26698 | J’s Communication RevoWorks SCVX/RevoWorks Browser up to 2.2.100/3.0.1/4.0.234/5.0.7 resource transfer

Vuldb Updates
9 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in J’s Communication RevoWorks SCVX and RevoWorks Browser up to 2.2.100/3.0.1/4.0.234/5.0.7. Affected is an unknown function. The manipulation leads to incorrect resource transfer. This vulnerability is traded as CVE-2025-26698. Local access is required to approach this attack. There is no exploit available.
vuldb.com

Pentera Cyber Pulse identifies new threats and vulnerabilities

Help Net Security
9 months 2 weeks ago

Pentera has unveiled Cyber Pulse, a new mechanism to update the Pentera platform with the latest vulnerabilities and attack techniques from the Pentera research team. Cyber Pulse delivers a continuous stream of new cyber exposure validation capabilities, enabling organizations to identify and mitigate new threats and vulnerabilities before they can be exploited. The MITRE ATT&CK catalog grew by over 30 new tactics, techniques, and procedures (TTPs) in the past year alone, while CISA’s Known Exploited … More →

The post Pentera Cyber Pulse identifies new threats and vulnerabilities appeared first on Help Net Security.

Industry News

Managed ad