Aggregator

为深入贯彻落实党中央、国务院决策部署，加快形成全国算力资源“一本账”，全面提升我国算力资源管理效能，工业和信息化部办公厅近日印发《关于全面开展算力态势感知自动化监测工作的通知》。

近日，Oracle官方发布了多个安全漏洞的公告，其中Oracle产品本身漏洞68个，影响到Oracle产品的其他厂商漏洞160个。

面对美国等西方“技术民主联盟”的体系性围堵和“数字铁幕”的政策性限制，如何在国际数字治理体系重构中维护我国核心利益，已成为新时代涉外安全的重要课题。本文通过三维度分析框架，系统解析中国海外数字利益的理论内涵与现实挑战，并提出针对性应对策略。

内存价格飙升的今天你也别指望 SSD 会便宜。第二大 NAND 制造商铠侠存储器业务总经理中户俊介表示该公司的 2026 年产能已经售罄，企业级和消费级 SSD 市场将进入“高端且昂贵的阶段”。中户称，企业普遍感到一旦停止投资 AI 会被淘汰，因此他们别无选择只能继续投资。”如果对生成式 AI 数据中心的需求没有发生重大变化，那么在可预见的未来，这轮投资将使 SSD 价格居高不下。中户表示铠侠正试图提高产能以满足不断增长的需求。

A high-severity vulnerability has been disclosed in BIND 9, the widely used DNS server software responsible for domain name resolution across millions of internet services. The vulnerability, tracked as CVE-2025-13878, enables remote attackers to crash DNS servers by sending specially crafted, malformed DNS records, potentially disrupting critical internet infrastructure and organizational services. The vulnerability stems […]

The post BIND 9 Vulnerability Allow Attackers to Crash Server by Sending Malicious Records appeared first on Cyber Security News.

Security researchers have identified a sophisticated multi-stage malware campaign targeting Windows systems through social engineering and weaponized cloud services. The attack employs business-themed documents as deceptive entry points, luring users into extracting compressed archives containing malicious shortcuts that execute PowerShell commands in the background. Once initiated, the infection chain systematically neutralizes Microsoft Defender before delivering […]

The post New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious Payloads appeared first on Cyber Security News.

A critical code-injection vulnerability has been identified in the Node.js binary-parser library, affecting all versions before 2.3.0. The flaw allows attackers to execute arbitrary JavaScript code if untrusted input is used to construct parser definitions, potentially compromising application integrity and system security. The binary-parser library, designed to facilitate writing efficient binary parsers in a simple, […]

The post Critical Vulnerability in Binary-Parser Library for Node.js Allows Malicious Code injection appeared first on Cyber Security News.

Новая версия правил этики Claude станет «живым документом» и будет регулярно обновляться.

360安全服务智能体为政企单位筑牢安全屏障

一起探索安卓逆向的奥秘

AI催生高危Linux恶意软件新案例

看雪论坛作者ID：G0t1T

近日，绿盟科技CERT监测到GNU发布安全公告，修复了GNU InetUtils Telnetd远程身份验证绕过漏洞（CVE-2026-24061），CVSS评分9.8，目前漏洞细节与PoC已公开，请相关用户尽快采取措施进行防护。

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev, mimics SymPy, replicating the latter's project description verbatim in an attempt to deceive unsuspecting users into thinking that they are

白俄罗斯业余无线电（HAM Radio）社区紧急呼吁外界关注，白俄罗斯政府对该社区实施了突袭行动，至少逮捕了七人，威胁对其中三人判处死刑，理由是他们窃取国家机密。面临死刑惩罚的三人属于一个有 50 多名成员的业余无线电爱好者网络，他们被控“间谍罪”和“叛国罪”。政府查获了 500 多件无线电设备，国家电视台称他们利用无线电监视政府飞机的行踪，但未提供证据。

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead

美国NASA利用区块链技术实现航空系统零信任网络安全

首个利用国产AI IDE开发的高级恶意软件曝光

腾讯云安全联手A*STAR共绘可信可控AI智能体发展蓝图