Aggregator

当前，基于大模型的软件智能化开发已经成为学术界和产业界共同关注的热点话题。

一周情报速览

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

SolarWinds patched a High severity vulnerability in Serv-U File Transfer Solution that affects multiple Serv-U products in FTP Server, Gateway and MFT Server versions 15.4. This vulnerability has been assigned with CVE-2024-28995 and severity as 8.6 (High).

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

一套完善的Linux通用应急响应脚本，其实对防御方是非常重要的，可以快速检测主机的一些异常信息。脚本地址，请看文末。

This post highlights how the GitHub Copilot Chat VS Code Extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code.

GitHub Copilot Chat

GitHub Copilot Chat is a VS Code Extension that allows a user to chat with source code, refactor code, get info about terminal output, or general help about VS Code, and things along those lines.

It does so by sending source code, along with the user’s questions to a large language model (LLM). A bit of a segue, but if you are curious, here are its system instructions, highlighting some interesting prompting strategies and that it is powered by GPT-4:

探讨了跨上下文场景中图提示学习（Graph Prompt Learning）面临的后门威胁。

The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app

让我康康

👍 👍 👍