Aggregator

Meta Rayban 智能眼镜销量突破百万，计划年内再翻倍；微软展开「基于绩效」的裁员，部分员工称未获得遣散费

Health Records of Children, Deceased Patients Among Compromised Data
Community Health Center, which has a dozen primary care, dental and other clinics in Connecticut, is notifying nearly 1.1 million people - including pediatric patients and their parents and guardians - that their information was potentially stolen in a cyberattack detected earlier this month.

Governmental Agencies Won't Meet 2025 Goal of Bolster Cybersecurity
The British government fell short of its goal of significantly fortifying civilian IT systems to withstand cyberattacks by 2025, warned auditors in a report highlighting that much of officialdom runs on legacy systems. Nearly half of the government IT budget goes to keeping legacy systems running.

Series B Funding to Drive Seraphic's Innovation in Browser Security, AI Governance
Seraphic Security secured $29 million to scale its enterprise browser security solutions. With growing cyberthreats, CEO Ilan Yeshua highlights the need for AI-driven security, governance and compliance. The company plans to expand its North American presence and strengthen partnerships.

Researchers uncovered flaws in large language models developed by Chinese artificial intelligence company DeepSeek, including in its flagship R1 reasoning application. The security concerns come as Microsoft and OpenAI investigate whether DeepSeek developed used data scraped from an OpenAI API.

虚假谷歌广告瞄准微软广告账户，窃取登录凭证和2FA代码，攻击者利用钓鱼页面伪装微软官网，大规模劫持用户账户。

The U.S. CISA and the FDA warned of a hidden backdoor in Contec CMS8000 and Epsimed MN-120 patient monitors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) warned that three flaws in Contec CMS8000 and Epsimed MN-120 patient monitors could endanger patients when connected to the internet. The CMS8000 […]

阿尔塔米拉技术公司（Altamira Technologies Corporation ）在其官网发布招聘公告，需要在俄亥俄州代顿市招聘懂中文的开源情报分析师。

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

A vulnerability, which was classified as critical, has been found in Adobe Flash Player up to 26.0.0.151. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-11281. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM DB2 and DB2 Connect Server 11.5. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to sensitive information in log files. This vulnerability is handled as CVE-2024-40679. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Google Android and classified as problematic. This vulnerability affects the function DevmemtMapPages of the file devicemem_server.c. The manipulation leads to use after free. This vulnerability was named CVE-2023-35685. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as critical was found in Teradata account-handling code up to 2024-11-04. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-52869. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been declared as critical. Affected by this vulnerability is the function brightness_show. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-56587. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.