Aggregator

Lovesac warns customers their data was breached after suspected RansomHub attack six months ago

5 months ago

美国家具制造商Lovesac因黑客入侵导致客户数据泄露，涉及姓名等个人信息。黑客在2月12日至3月3日期间访问其系统并窃取文件。RansomHub勒索团伙声称窃取40GB数据并威胁泄露。尽管该团伙已停止活动，客户仍需警惕身份盗窃风险，并可免费获得两年信用监控服务以防范潜在风险。

摸鱼文学新篇章 ✨

薇拉vera(左左薇拉)

5 months ago

接下来，向大家走来的，是写起小说就发了狠忘了论文不

Malicious npm Code Reached 10% of Cloud Environments

Information Security Magazine

5 months ago

Wiz Security warns that a recently discovered supply chain attack campaign targeting npm is far from over

Securing Agents Isn’t the Customer’s Job, it’s the Platform’s

不安全

5 months ago

文章探讨了企业在加速AI应用中的机遇与挑战：78%的企业已采用AI且一半以上实现收入增长。随着AI从简单助手发展为自主代理，传统安全措施已无法应对数据泄露、自主行为及非确定性系统风险。企业需整合开源工具并内置安全性至产品中以确保高效与合规。

Securing Agents Isn’t the Customer’s Job, it’s the Platform’s

Security Boulevard

5 months ago

As enterprises adopt AI agents at scale, security must evolve beyond policies and human oversight. From protecting enterprise data and preventing prompt injection to enforcing permission boundaries and agent guardrails, platform providers—not customers—must embed security into AI systems.

The post Securing Agents Isn’t the Customer’s Job, it’s the Platform’s appeared first on Security Boulevard.

Sunil Agrawal

Gunra

Dark Feed IO

5 months ago

You must login to view this content

cohenido

美国股市不再有超额收益

Solidot

5 months ago

Apollo 首席经济学家 Torsten Slok 称，可供投资的上市公司数量越来越少，而选择进行 IPO 的企业创办年龄也越来越大。1999 年 IPO 企业的中位数年龄为 5 年；2022 年这一数字增至 8 年；而今天 IPO 的中位数年龄已增至 14 年。企业上市年龄的增长不仅是因为美联储在 2022 年加息的结果，也是越来越多的公司希望保持私有状态、避免上市后负担的结果。加上被动投资的主导地位、主动管理者的失败、公开市场的高相关性以及少数股票的高度集中，现实情况是公开市场几乎没有阿尔法收益（超额收益）可言。

美国股市不再有超额收益

不安全

5 months ago

Apollo首席经济学家Torsten Slok指出，可供投资的上市公司数量减少，IPO企业的创办年龄从1999年的5年增至现在的14年。企业更倾向于保持私有状态以避免上市后的负担。公开市场因被动投资主导、高相关性和少数股票集中而缺乏超额收益。

并非所有国家的用户都可以获得Windows 10 EUS许可证部分国家被禁止访问

不安全

5 months ago

Windows 10 ESU 许可证受限于美国政策，部分国家和地区用户无法正常获取。最初限制白俄、俄等国及乌克兰用户，后删除乌克兰并新增黎巴嫩。受限用户可借助第三方工具 TSforce 获取许可证。

Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code

Cyber Security News

5 months ago

Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite. While Microsoft has assessed exploitation as “less likely” for both vulnerabilities […]

The post Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.

Guru Baran

HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance

Cyber Security News

5 months ago

HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns. The bug bounty platform announced the security incident, aligning with its company value of “Default to Disclosure.” According […]

The post HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance appeared first on Cyber Security News.

Guru Baran