Aggregator

利用Python字符串格式化异常可绕过n8n沙箱限制，获取原始builtins并执行任意代码。

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The activity, observed by HarfangLab in January 2026, has been codenamed RedKitten. It's said to coincide with the nationwide unrest in Iran that began towards the end of 2025,

银狐木马最新免杀样本分析

Britain will likely ban at least some types of ransom payments as it revamps the nation's cybersecurity laws, but many open questions remain, including sectors and the organizational sizes to be covered, and if all payments might be required to pass sanctions checks, said policy expert Jen Ellis.

NASCIO Agenda Focuses on AI Policy, Cyber Investment and Critical Infrastructure
State CIOs have lots on their plates, juggling multiple priorities from AI to cybersecurity. But the state IT programs don't have to go it alone. The National Association of State CIOs' 2026 agenda focuses on federal legislation - and federal funds - that could help state IT programs.

以隐私为卖点的搜索引擎 DuckDuckGo 调查了其用户对 AI 功能的态度，结果显示用户压倒性多数的反对 AI：在 175,354 名参与投票的用户中，九成用户表示不希望使用 AI。DuckDuckGo 为此推出了两个版本：反 AI 用户可选择访问 noai.duckduckgo.com，想要 AI 功能的用户可访问 yesai.duckduckgo.com。用户还可以在主站设置中禁用 AI 摘要、AI 生成图像以及 Duck.ai 聊天机器人。

你是否曾经听过这样的惊悚故事——狂热粉丝神秘地发现了偶像的行踪轨迹，或者是广大网友合力施展“人肉搜索”大法，深

关键词数据泄露只需一句话，它就能帮你写代码、回邮件、整理文件—— Clawdbot（现已更名为 Moltbot

关键词漏洞本周 Metasploit 框架的最新更新为渗透测试人员和红队成员带来重大增强，新增了七个针对常用企

关键词漏洞据 V2EX 与飞牛官方论坛多名网友反馈，飞牛系统（fnOS）疑似存在严重安全漏洞，已有多台部署该系

Жертва добровольно подтверждает операцию, даже не подозревая об обмане.

YouTube 证实调整了平台体验，阻止非付费用户访问后台播放功能。在确认前，三星浏览器 Samsung Internet、Brave、Vivaldi 甚至 Microsoft Edge 用户通过社交网络报告后台视频播放功能失效。后台视频播放对移动用户而言是一项有用且方便的功能，用户可以在关闭手机屏幕或最小化浏览器窗口的情况下听视频的声音，YouTube 上有很多适合听的内容，如音乐和播客。但从一周前开始，用户报告关闭手机屏幕或最小化浏览器窗口后音频播放停止了。YouTube 官方证实这是有意为之，称后台播放功能只提供给付费订阅用户。

CERT Polska said cyberattacks hit 30+ wind and solar farms, a manufacturer, and a major CHP plant supplying heat to nearly 500,000 people. On December 29, 2025, Poland faced coordinated cyberattacks targeting over 30 wind and solar farms, a manufacturing company, and a major heat and power plant serving nearly 500,000 people, CERT Polska reported. […]

Тревожнее всего то, что доступы уходят тихо и без взлома в привычном смысле.

一次关于“银狐”病毒的应急响应记录......

Britain will likely ban at least some types of ransom payments as it revamps the nation's cybersecurity laws, but many open questions remain, including sectors and the organizational sizes to be covered, and if all payments might be required to pass sanctions checks, said policy expert Jen Ellis.

NASCIO Agenda Focuses on AI Policy, Cyber Investment and Critical Infrastructure
State CIOs have lots on their plates, juggling multiple priorities from AI to cybersecurity. But the state IT programs don't have to go it alone. The National Association of State CIOs' 2026 agenda focuses on federal legislation - and federal funds - that could help state IT programs.

Name: ASCF CTF (an ASCF CTF event.)
Date: Jan. 30, 2026, 9 a.m. — 31 Jan. 2026, 09:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.ascf.space/
Rating weight: 0
Event organizers: ASCF

你收到了一个红包，请在58SRC上查看

抓紧预约！看雪视频号见