Aggregator
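iRhythm Confirms Data Was Stolen in Hacking Attack
Information Security Vulnerability Weekly Report (Issue 24, 2026)
Notice on Important AI Security Vulnerabilities: Multiple Security Vulnerabilities in OpenClaw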
145 Mastra npm Packages Compromised via Hijacked Contributor Account
Novo Nordisk Cyberattack: Clinical Trial Data Breach
Novo Nordisk recently fell victim to a sophisticated cyberattack. Consequently, this incident compromised a segment of patient data from clinical trials. Fortunately, the company asserted that names and direct identifiers remained unexposed. Therefore, unauthorized...
The post Novo Nordisk Cyberattack: Clinical Trial Data Breach appeared first on Information Security News.
Half a Million Euros, Magnus Carlsen and Mandatory Amateurs on the Roster. An Unusual World Team Chess Championship Has Started in Hong Kong
SQL Server 2025 AI Features Enable Data Exfiltration
Databases have long evolved beyond mere tabular repositories. However, new functionalities within SQL Server 2025 illustrate the inherent dangers of this progression. Recently, SpecterOps researchers discovered significant vulnerabilities. They detailed how attackers can abuse...
The post SQL Server 2025 AI Features Enable Data Exfiltration appeared first on Information Security News.
Malicious JetBrains Marketplace Plugins Steal Developers' AI API Keys
Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
A critical security vulnerability has been disclosed in LiteLLM, an increasingly popular proxy used for managing large language model (LLM) APIs. The flaw, tracked as CVE-2026-49468, allows attackers to bypass authentication mechanisms under specific conditions by exploiting improper handling of the Host header. The issue affects LiteLLM versions before 1.84.0 and has been assigned a […]
The post Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection appeared first on Cyber Security News.
OptinMonster Supply Chain Attack Hits 1.2M Sites
Popular WordPress plugins have found themselves at the center of a supply chain attack, where the products themselves were not compromised directly. Instead, attackers targeted the infrastructure responsible for distributing them. Three plugins from...
The post OptinMonster Supply Chain Attack Hits 1.2M Sites appeared first on Information Security News.
Payroll Pirate Hijacks Sessions to Steal Paychecks
Payroll systems rarely attract attention until a single edited bank detail quietly turns a routine paycheck into a direct transfer to criminals. Researchers at BushidoToken Threat Intel have detailed a new financially motivated campaign...
The post Payroll Pirate Hijacks Sessions to Steal Paychecks appeared first on Information Security News.
Underground Fungal Networks Exceed 100 Quadrillion Kilometers in Length
Critical Chrome Vulnerabilities Allow Attackers to Execute Arbitrary Code – Update Now!
Google has released a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute arbitrary code on affected systems. Users are strongly advised to update immediately as several flaws impact core browser components. The latest Chrome Stable channel has been updated to version 149.0.7827.155/.156 for Windows and macOS, […]
The post Critical Chrome Vulnerabilities Allow Attackers to Execute Arbitrary Code – Update Now! appeared first on Cyber Security News.
Hackers Use Rokarolla Android Malware to Disable Google Play Protect and Control Devices
A newly discovered Android banking trojan called Rokarolla is making waves in the cybersecurity world, and it is more dangerous than most threats we have seen lately. This malware is built to take full control of an infected device while staying completely hidden from the user. Its reach is staggering, with over 217 banking and […]
The post Hackers Use Rokarolla Android Malware to Disable Google Play Protect and Control Devices appeared first on Cyber Security News.
Urgent AI Security Intelligence | Nearly 140 npm Packages of the Popular AI Agent Development Framework Mastra Hit by Supply Chain Poisoning
Kodak confirms data breach claimed by ShinyHunters extortion gang
雷神众测 Vulnerability Weekly Report 2026.6.08-2026.6.14
Deno-Based RAT Uses Microsoft Teams Impersonation and Mailbombing to Target Employees
A new strain of malware has emerged that combines two well-known social engineering tactics into one effective attack chain. Researchers have uncovered a Remote Access Trojan built on Deno, an unconventional JavaScript runtime, being deployed against employees through email flooding and fake Microsoft Teams calls. The attack overwhelms targets and then offers a false sense […]
The post Deno-Based RAT Uses Microsoft Teams Impersonation and Mailbombing to Target Employees appeared first on Cyber Security News.