Aggregator

当前环境出现异常提示，需完成验证后方可继续访问，并提供验证选项。

随着《网络弹性法案》（CRA）临近，欧盟内销售数字服务的企业需加强合规措施。curl项目提供符合CRA的版本，并协助制造商合规。curl凭借 decades of experience, 提供安全、标准、可靠的网络解决方案，助力全球数字基础设施建设。

Политика «Америка прежде всего» грозит разрывом отношений.

The UK's spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security.

知名二手交易平台转转宣布关闭个人间自由交易市场，转向官方验货和寄卖模式。此举旨在解决诈骗、灰色交易及纠纷问题。卖家将物品售予平台后，经官方工程师验货再出售给买家。平台将逐步关闭自由市场入口，并延长客服服务至2025年10月31日。

A sophisticated cyber-attack campaign exploiting GitHub Pages to distribute the notorious Atomic stealer malware to macOS users.  The threat actors behind this operation are leveraging Search Engine Optimization (SEO) techniques to position malicious repositories at the top of search results across major platforms, including Google and Bing, targeting users searching for legitimate software from technology […]

The post Massive Cyber-Attack Attacking macOS Users via GitHub Pages to Deliver Stealer Malware appeared first on Cyber Security News.

A vulnerability was found in Pierre-Henri Lavigne Markup Markdown Plugin up to 3.20.9 on WordPress. It has been rated as problematic. This impacts an unknown function. This manipulation causes cross site scripting. This vulnerability appears as CVE-2025-9541. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Pierre-Henri Lavigne Markup Markdown Plugin up to 3.20.9 on WordPress. It has been declared as problematic. This affects an unknown function. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-9540. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Frédéric Sheedy Etsy Shop Plugin up to 3.0.6 on WordPress. It has been classified as problematic. The impacted element is an unknown function. The manipulation of the argument $_SERVER['REQUEST_URI'] leads to cross site scripting. This vulnerability is documented as CVE-2025-9115. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in wpase Admin and Site Enhancements Plugin up to 7.9.7 on WordPress and classified as problematic. The affected element is an unknown function of the file xmlrpc.php of the component SVG File Parser. Executing manipulation can lead to cross site scripting. This vulnerability is registered as CVE-2025-9487. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in Campcodes Gym Management System 1.0 and classified as critical. Impacted is an unknown function of the file /ajax.php?action=login. Performing manipulation of the argument Username results in sql injection. This vulnerability is cataloged as CVE-2025-10851. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #657939 / VDB-325210

Дженсен Хуанг объяснил, почему прикладные профессии окажутся в центре цифровой экономики.

意大利通过人工智能法案，涉及隐私和网络安全关键点，由Chiara Ponti分析并经Franco Vincenzo Ferrari推荐。

当前环境出现异常，请完成验证后继续访问。

当前环境异常，请完成验证后继续访问。

鸿蒙系统及生态设备数量突破千万与十亿大关，涵盖手机、平板、智能家居等多领域。其分布式技术和流畅体验连接生活场景。为鼓励开发者分享经验与故事，少数派与鸿蒙联合举办征文活动，设置多个奖项激励参与。

OpenAI修复ChatGPT漏洞以防止PII泄露；微软与Cloudflare打击快速增长的钓鱼服务RaccoonO365；Google发布Chrome更新修复四个高危漏洞；OpenAI计划预测用户年龄以更好保护儿童；研究人员发现Google Play Store大型广告欺诈活动。

CERT-AGID报告称，在过去一周内检测到73次恶意活动，其中43次针对意大利目标。攻击者利用银行诈骗、停车罚单、订单和支付等主题进行钓鱼攻击，并通过电子邮件分发压缩文件（如ZIP、RAR）传播恶意软件。检测到的恶意软件包括FormBook、Remcos等家族。

由于当前环境异常，需完成验证后方可继续访问。