Aggregator

Преступный Jerry’s Store доверил ИИ‑среде создание дашборда, а та открыла его всему интернету.

A vulnerability was found in Wireshark up to 4.4.14/4.6.4. It has been rated as problematic. Impacted is an unknown function of the component Monero Protocol Dissector. Performing a manipulation results in uncontrolled recursion. This vulnerability is known as CVE-2026-5409. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Wireshark up to 4.4.14/4.6.4. It has been declared as problematic. This issue affects some unknown processing of the component DHT Protocol Dissector. Such manipulation leads to uncontrolled recursion. This vulnerability is traded as CVE-2026-5408. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

关键词黑壳攻击网络安全研究人员在一个 npm 软件包中发现了恶意代码，该恶意软件包作为依赖项被引入到由 Ant

关键词漏洞在网络托管的世界里，控制面板是核心资产。它是管理数据库、路由电子邮件和维护整个数字店面的中央控制中心。

关键词漏洞Linux 内核爆出高危漏洞 Copy Fail，追踪编号为 CVE-2026-31431，仅需一个

发表在《Frontiers of Agricultural Science and Engineering》期刊上的一项研究发现，水产养殖的温室气体排放主要来自四个环节：饲料生产、养殖过程中的能源消耗、池塘或水体中的生物化学过程（如甲烷和氧化亚氮的释放），以及土地利用变化和基础设施建设。其中饲料生产是大多数投饵型养殖系统中最大的排放源，在我国的研究中占比达到 52%。而在我国等以淡水池塘养殖为主的地区，甲烷排放尤为突出，贡献了约 90% 的养殖系统温室气体排放。不同水产养殖物种之间的排放差异显著。例如不依赖投饵的双壳贝类（如牡蛎、蛤蜊）和海藻养殖，排放极低甚至为负值，反而能通过碳固定起到“碳汇”作用。而草食性或杂食性鱼类（如鲤鱼、罗非鱼）在适度养殖强度下排放也相对较低。相比之下，集约化养殖的肉食性鱼类（如鲑鱼、鳟鱼）和虾类由于饲料和能源需求高，碳排放强度显著上升，部分甚至与陆地畜牧业相当。

2018 年微软公开了 MS-DOS 1.25 和 2.11 源代码，2024 年公开了 MS-DOS 4.0 源代码，2026 年 4 月在 86-DOS 1.00 发布 45 周年之际它延续传统公开了 86-DOS 1.00 源代码。86-DOS 的作者是 Tim Paterson，它后来成为 MS-DOS 的基础。发布在 GitHub 上的内容包括了 86-DOS 1.00 内核源代码、内核的多个快照，以及知名工具 CHKDSK 等。

В чужие руки попадает буквально всё, от поисковых запросов до планов на вечер.

根据国家信息安全漏洞库统计，近期（2026年4月16日至2026年4月28日）共采集重要人工智能漏洞213个，CNNVD对这些漏洞进行了收录。

根据国家信息安全漏洞库统计，自2026年4月14日-2026年4月28日，共采集OpenClaw漏洞111个。

Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure.

Ukrainian police arrested three hackers who hijacked 610,000 Roblox accounts and sold them for $225,000 in profit. Police in Ukraine arrested three suspects accused of hacking over 610,000 Roblox accounts and selling them for about $225,000. Officers carried out multiple searches in Lviv, seizing cash, phones, computers, laptops, tablets, and USB drives. The operation disrupted […]

The video hosting vanguard Vimeo has disclosed a security transgression impacting its user repository, precipitated by a compromise

The post Vimeo Revokes Access Following Security Breach at Third-Party Partner Anodot appeared first on Penetration Testing Tools.

The seemingly mundane git push command has emerged as a significantly more treacherous vector than conventionally presumed. A

The post The Poisoned Push: How a Hidden Flaw in Git Metadata Exposed GitHub to Remote Code Execution appeared first on Penetration Testing Tools.

Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have allowed attackers to execute arbitrary commands on host systems. "The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,"

Марка защитных решений стала для взломщиков куда важнее оборотов компании.