Aggregator

然而，由于现有服务器端登录协议中的限制条件，调查人员无法百分百证实数据是遭外泄还是仅遭访问。

速修复

该车企因此获利约1.36亿元

Взлом TrustedVolumes ударил по экосистеме децентрализованных финансов.

面对人工智能短剧“偷脸”乱象，法律必须及时回应新兴技术带来的挑战，既要为技术创新留出空间，更要守住保护公民人格权益和社会公共利益的底线。唯有立法完善、司法精细、执法有力、平台尽责、行业自律、公众觉醒，多方合力形成系统性的治理格局……

公布面向人工智能赋能的高质量行业数据集建设先行先试联合体名单，明确禁止大数据杀熟等行为……

近日，北京市网信办等三部门印发中国（北京）自由贸易试验区、国家服务业扩大开放综合示范区数据出境负面清单及管理办法。

国家互联网信息办公室发布的《中国网络法治发展报告（2025年）》，系统梳理总结了2025年我国网络法治建设的理念、成就、经验。

在科技飞速发展的当下，蓝牙设备凭借“一键连接”带来的便捷优势，已广泛应用于日常工作和生活。然而，这些提升效率的“神器”，可能潜藏安全风险。不法分子可能利用蓝牙技术漏洞，非法获取个人信息甚至实施窃密行为，威胁公民隐私与国家秘密安全。

人工智能应用的全生命周期均伴随着大规模、多维度、高敏感度的个人信息处理活动，其处理边界、使用范围、风险传导均突破了传统信息处理模式的范畴，个人信息保护面临前所未有的挑战。因此，亟须通过更有效的评估机制识别潜在安全风险，切实保护个人合法权益。

Threat actors are executing a sophisticated malvertising campaign targeting macOS users via poisoned Google Ads and deceptive artificial intelligence applications. Researchers recently uncovered an operation that redirects victims to fraudulent landing pages via sponsored search results. By combining trusted hosting platforms with the notorious “Clickfix” social engineering tactic, attackers are successfully distributing MacSync payloads and […]

The post macOS Malware Leverages Google Ads and Legitimate Claude.ai Shared Chats to Deliver Malware appeared first on Cyber Security News.

“CCF-INFORSEC网络空间安全前沿创新论坛”将于5月23日（周六）在中国科学院计算技术研究所举办。目前论坛正式日程已发布，欢迎大家报名参会！

悬镜安全、易安联、魔方安全等集中推出AI智能体安全方案，产业加速布局下一代安全。

cPanel Perl注入|Android ADB零点击RCE|Grav CMS未认证RCE|PHP unserialize 21年UAF|共4条高危漏洞

A vulnerability marked as critical has been reported in Red Hat JBoss 1.0/6.0. This issue affects some unknown processing of the component Overlord Runtime Governance for JBossAS. Performing a manipulation as part of MVEL Expression results in code injection. This vulnerability is reported as CVE-2013-6469. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability has been found in Toshibacommerce 4690 Point Of Sale Operating System 6.2 and classified as problematic. Impacted is an unknown function of the component Default Configuration. This manipulation causes cryptographic issues. This vulnerability is registered as CVE-2014-0361. The attack needs to be launched locally. No exploit is available.

A vulnerability was found in IBM Sterling Selling and Fulfillment Foundation and classified as problematic. The affected element is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2014-0932. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Pimcore 1.4.9/1.5.0/2.1.0/2.2.0. It has been classified as critical. The impacted element is the function getObjectByToken of the file Newsletter.php. Performing a manipulation results in code injection. This vulnerability is reported as CVE-2014-2921. The attack is possible to be carried out remotely. Moreover, an exploit is present.