Aggregator

看雪论坛作者ID：pureGavin【译】

Приложения упали, банкоматы задумались: майские пошли не по плану.

Challenger, Gray & Christmas 的数据显示，经济波动和新兴挑战重塑企业领导决策，CEO 们正以创记录的速度离职。去年上市公司 CEO 离职人数 373 人，比 2023 年增加 24%。在员工人数至少 25 人的美国企业中，2024 年有 2221 名 CEO 离职。这是该机构自 2002 年跟踪企业高管离职情况以来的最高数字。人工智能、关税、对经济衰退的担忧以及对多元化倡议的审查被认为是推动高管离职的主要压力因素。这一趋势并不只局限于高管，据 McLean & Co. 对 20 多万名员工展开的调查，中层经理报告工作压力大的可能性比普通员工高 1.7 倍。

Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. [...]

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.98/5.15.21/5.16.7. This affects the function macsec_dellink. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-48720. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.4.10. Affected is the function nf_tables of the component netfilter. The manipulation leads to use after free. This vulnerability is traded as CVE-2023-52923. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. This vulnerability was named CVE-2025-1376. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders fonts (thus, text) onto digital displays (e.g., screens) and is used across many platforms, including Android, iOS, macOS, and Linux. FreeType has been the source of multiple security vulnerabilities over the years, mostly due … More →

The post Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) appeared first on Help Net Security.

当地时间5日，由泰国国家网络安全局组织的网络安全培训班举行结业仪式，泰国副总理兼国防部长普坦主持结业仪式。10万名来自各行各业的网络安全人员完成培训任务，此举将会提升泰国网络安全工作能力。

人工智能的迅猛发展正在重塑人类社会的生产和生活方式。但是，与其相伴而生的还有虚假信息、错误信息、权益侵害等一系列显性与潜在的风险。

“网信事业代表着新的生产力、新的发展方向”，网络法治是信息革命发展的时代需求，也是推进网络强国建设、护航新质生产力发展的重要保障。4月27日，我国首部网络法治建设的综合性年度报告《中国网络法治发展报告（2024年）》正式发布。

原有的数据基础设施主要满足单一组织的数据存储、管理和本地处理需求，重在安全可靠。在数字经济背景下，数据基础设施作为经济发展的重要支撑，关注数据的流通、安全和跨行业共享，支持创新应用和高效的数据利用。

腾讯小米百度等多个公司软件更新或被劫持

腾讯小米百度等多个公司软件更新或被劫持

稿件提交截止日期：2025年11月20日

В Telegram снова “раздают” деньги.

稿件提交截止日期：2025年11月20日