Aggregator

Apple has patched a zero-day vulnerability being exploited in targeted attacks

Пока пользователи ждут ответа, компании готовятся к крупнейшей сделке года.

A vulnerability, which was classified as problematic, was found in Octopus Deploy Octopus Server. This affects an unknown part. The manipulation leads to information exposure through error message. This vulnerability is uniquely identified as CVE-2025-0525. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Wattsense Bridge. Affected by this issue is some unknown functionality of the component JTAG Interface. The manipulation leads to on-chip debug and test interface with improper access control. This vulnerability is handled as CVE-2025-26408. It is possible to launch the attack on the physical device. There is no exploit available.

Макрон достал козырь из рукава после анонса проекта Stargate.

1月新收录漏洞481个，包含2025年首个满分漏洞。

Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn’t buy a car without knowing its

A vulnerability classified as critical was found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected by this vulnerability is an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the argument path leads to os command injection. This vulnerability is known as CVE-2025-1229. The attack can be launched remotely. Furthermore, there is an exploit available. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1&logfile=LOG_Monitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal. This vulnerability is traded as CVE-2025-1228. It is possible to launch the attack remotely. Furthermore, there is an exploit available. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

今年春节期间，深度求索人工智能基础技术研究有限公司开发的生成式人工智能服务，吸睛引粉，热议不断。不过，也有报道指出，针对DeepSeek线上服务的攻击烈度突然升级，其攻击指令暴增，由此产生的服务中断、数据泄露等网络安全风险不可忽视。

据泰国媒体报道，缅甸边防部队近日在位于泰缅边境的泰国达府湄索县向泰方移交了61名电信诈骗受害者，由泰国警方对其进行调查询问，以便更清晰地了解诈骗分子的犯罪线索。

外交部发言人郭嘉昆10日表示，中方积极推动人工智能普惠发展，帮助发展中国家加强能力建设，主张开源人工智能技术，促进人工智能服务的可及性，实现各国共享智能红利。

建立健全合规高效的数据流通体系是推进数据要素市场化的必然要求，也是推动数据要素以较低的交易成本实现跨主体流通、多场景复用，在更大范围内与其他要素协同、与不同种类数据融合，促进数据要素价值化过程、放大数据要素价值化效应的重要举措。

随着人工智能技术的不断发展，国家安全进入了数字化和智能化时代，技术安全风险也在深刻塑造和改变国家安全的性质与特点。因此，我们需要深入思考人工智能将如何塑造未来的国家安全，并探讨国家安全治理体系的变革趋向。

2月7日，启明星辰面向DeepSeek等企业级大模型业务服务者提供的安全防护产品 —— 天清MAF大模型应用防火墙产品正式发布。