网络安全20年:从漏洞破解到AI防御的生态跃迁
未来如何才能在与攻击者的博弈中破局?
Aggregator
中国将佛教四大天王用作试验卫星任务徽章
10 months 1 week ago
中国航天任务使用的徽章通常采用了相当刻板的设计,但过去几个月中国航天使用的任务徽章令人眼前一亮。过去几个月中国发射了四颗通信技术试验卫星十五号、十六号、十七号与十九号,使用的任务徽章来自于佛教的四大天王——广目天王、持国天王、多闻天王和增长天王。四颗卫星都已进入或正在前往赤道上空近 36,000 公里的地球同步轨道,其位置分别位于印度洋、东南亚、西太平洋以及东太平洋上空。美国官员称,通信技术试验卫星经常被用于导弹预警或间谍任务。美国太空军部队执行侦察任务的 USA-324 卫星分别于 4 月 26 日和 4 月 29 日移动到通信技术试验卫星十六号和十七号的 16 公里范围内进行侦察,显示了对四大天王卫星的兴趣。
CVE-2009-1776 | Matt Wright FormMail 1.92 FormMail.pl cross site scripting (EDB-8950 / BID-34929)
10 months 1 week ago
A vulnerability was found in Matt Wright FormMail 1.92. It has been rated as problematic. This issue affects some unknown processing of the file FormMail.pl. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2009-1776. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
上周关注度较高的产品安全漏洞(20250512-20250518)
10 months 1 week ago
上周关注度较高的产品安全漏洞(20250512-20250518)
CNVD漏洞周报2025年第18期
10 months 1 week ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞363个,其中高危漏洞181个、中危漏洞166个、低危漏洞16个。
为什么 Qwen3,让我看到了 AI 应用落地的重大利好
10 months 1 week ago
向开发者「对齐」,其实是 Qwen3 未被点破的一个核心战略。
实力领跑!360获评CNNVD“年度优秀技术支撑单位”等多项荣誉
10 months 1 week ago
360揽获CNNVD三项荣誉 彰显漏洞挖掘及研究硬实力!
Заражение без единого байта записи — один указатель в памяти обманул всю систему безопасности
10 months 1 week ago
Хакеры больше не пишут код — они просто указывают, где он уже есть, и Windows делает всё сама.
首发价¥999:程序混淆与反混淆
10 months 1 week ago
拆解多种常见的混淆手法、分析多种优秀开源混淆器的实现
高危WordPress插件漏洞威胁超1万个网站安全
10 months 1 week ago
WordPress插件漏洞致超万网站面临管理员被劫持风险
劫持SUID程序提权彻底理解Dirty_Pipe:从源码解析到内核调试
10 months 1 week ago
看雪论坛作者ID:Brinmon
Open MPIC: The open-source path to secure Multi-Perspective Issuance Corroboration
10 months 1 week ago
Open MPIC is an open-source framework designed to help Certificate Authorities (CAs) meet new Multi-Perspective Issuance Corroboration (MPIC) requirements from the CA/Browser Forum. Developed with contributions from Princeton and Sectigo, it helps mitigate BGP hijack risks through globally distributed validation, quorum logic, and flexible deployment options. Open MPIC is a practical, evolving solution that advances the resilience of the WebPKI.
The post Open MPIC: The open-source path to secure Multi-Perspective Issuance Corroboration appeared first on Security Boulevard.
Tim Callan
⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More
10 months 1 week ago
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow.
Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up.
The Hacker News
Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems
10 months 1 week ago
A reliable VMware environment reporting tool, RVTools, was momentarily infiltrated earlier this week on May 13, 2025, to disseminate the sneaky Bumblebee loader virus, serving as a sobering reminder of the vulnerabilities present in software supply chains. This incident, detected by a security operations team through a high-confidence alert from Microsoft Defender for Endpoint, revealed […]
The post Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
安全热点周报:Fortinet 修复了 FortiVoice 攻击中利用的关键零日漏洞
10 months 1 week ago
活动预告|CodeWisdom 软件智能化开发与运维系列学术报告 第17期:彻底改变大规模系统的质量保证
10 months 1 week ago
报告人:杨晨源(伊利诺伊大学厄巴纳-香槟分校)
报告时间:5月23日 周五下午 15:00
玩转 MCP 第二弹|一文教你用 Trae 实现网页自动化测试
10 months 1 week ago
字节与港科最新研究成果入选SIGCOMM 25,聚焦超低延迟交互
10 months 1 week ago
Устал от экрана? Вот тебе штука, которую приятно держать, не страшно уронить и невозможно залипнуть
10 months 1 week ago
Methaphone: когда нет телефона, но хочется достать что-то из кармана.
仍旧在使用过时 Windows 电脑的人
10 months 1 week ago
微软今年迎来了成立五十周年。过去五十年,微软的 Windows 操作系统已成为数字基础设施的一部分,以至于世界很多地方仍然依赖于早就过时的 Windows 版本和旧电脑。弗吉尼亚理工大学研究旧技术维护的副教授 Lee Vinsel 表示,某种程度上 Windows 是终极基础设施,是比尔盖茨如此富有的原因,Windows 系统融入到生活的方方面面,证明了微软的成功和神奇之处。ATM 专家 Elvis Montiero 称,很多 ATM 机器仍然运行 Windows XP 甚至 Windows NT,升级系统的困难在于硬件兼容性、合规和重写私有软件相关的高昂成本。微软在 2014 年终止支持 XP,但旧系统的可靠性、稳定性以及与银行基础设施的集成,以至于今天的 ATM 机器仍然依赖它。2024 年德国铁路仍然在招聘精通 Windows 3.11 和 MS-DOS 的 IT 管理员。