Aggregator

关键词网络攻击臭名昭著的LockBit勒索软件运营团队近日遭遇重大安全事件。

关键词网络安全2025年，公安部网安局连续发布两份重要文件，进一步规范网络安全等级保护工作。

关键词鸿蒙系统5月8日，华为在深圳举办鸿蒙电脑技术与生态沟通会，正式推出搭载鸿蒙操作系统的PC产品，标志着国产

智能提供方和车企，共同定义下一代汽车。

智能提供方和车企，共同定义下一代汽车。

根据一项最新研究结果，摄入超加工食品（如含糖饮料、薯片和包装饼干）可能与多种不良健康结局相关。研究显示，每天额外摄入 100 克超加工食品，将提高患高血压、心血管事件、癌症、消化系统疾病、死亡等风险。研究人员指出，常见的超加工食品包括工业生产的面包、含糖饮料、薯片、巧克力糖果、糖果、包装饼干等。研究发现，食用超加工食品与高血压、心血管事件、癌症、消化系统疾病以及全因死亡风险相关。每日每增加 100 克超加工食品的摄入，高血压风险上升 14.5%，心血管事件风险上升 5.9%，癌症风险上升 1.2%，消化系统疾病风险上升 19.5%，全因死亡风险上升 2.6%。研究人员还观察到肥胖/超重、代谢综合征/糖尿病、抑郁/焦虑等风险的升高。中山大学的 Xiao Liu 表示，越来越多证据表明，摄入全食、简单原料和符合当地文化的健康饮食（如地中海饮食或DASH饮食）有益健康。

The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. "The ANEL file from

A vulnerability was found in Danfoss AK-SM 8xxA 4.2 and classified as critical. This issue affects some unknown processing. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-41450. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Netis Systems WF2220 1.2.31706 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin-igd/netcore_set.cgi. The manipulation leads to missing authentication. This vulnerability was named CVE-2025-3759. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Netis Systems WF2220 1.2.31706. This affects an unknown part of the file /cgi-bin-igd/netcore_get.cgi. The manipulation leads to missing authentication. This vulnerability is uniquely identified as CVE-2025-3758. Access to the local network is required for this attack. There is no exploit available.

Currently trending CVE - Hype Score: 52 - A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. This vulnerability is due to the presence ...

Currently trending CVE - Hype Score: 38

Currently trending CVE - Hype Score: 1 - Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and `ALLOW_ADMIN_CHANGES` must be ...

Currently trending CVE - Hype Score: 1 - A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt ...

Currently trending CVE - Hype Score: 1 - The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination.

Currently trending CVE - Hype Score: 51 - Microsoft Outlook Remote Code Execution Vulnerability

Currently trending CVE - Hype Score: 1 - The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious ...

Currently trending CVE - Hype Score: 59 - Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

Currently trending CVE - Hype Score: 29 - Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Currently trending CVE - Hype Score: 24 - An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned ...