Aggregator

苹果推出内存完整性强制保护技术（MIE），基于Arm增强型内存标记扩展（EMTE），旨在全面阻断iPhone设备上的内存破坏漏洞。该技术历时五年研发，结合硬件与操作系统安全机制，默认启用同步模式EMTE，并针对雇佣间谍软件设计。MIE通过硬件和分配器层面防护大幅提升攻击难度与成本，在iPhone 17和Air上首发。

祝老师们教师节快乐！

专属厂商中秋福利加码！限时获得额外赏金！

福利任务限时掉落🌕中秋月圆，福利更圆！2025新人白帽子限时双节福利任务突击上线！

当前环境异常，需完成验证后继续访问。

当前环境异常，请完成验证后继续访问。

苹果在 iPhone Air 中采用自研 N1 网络芯片替代博通 Wi-Fi 和蓝牙芯片，主要用于 Wi-Fi、蓝牙和 Thread 技术。目前仅 iPhone Air 提及该芯片，其他机型未明确采用。苹果逐步用自研 C1/C1X 基带及 N1 芯片取代高通和博通产品，未来将减少对外部供应商依赖。

近期，JavaScript生态系统遭遇重大供应链攻击。攻击者通过社会工程学手段获取了Josh Junon的npm账户权，在至chalk、debug等核心基础库中植入恶意代码，下载量总计超过20亿次。这次攻击不仅规模庞大，其技术实现也极为精巧

当前环境出现异常，需完成验证后方可继续访问。

苹果在 iPhone 17 Pro/Pro Max 中采用 VC 均热板技术，通过液体蒸发散热降低芯片温度，避免热节流。该技术将热量传导至铝合金框架散热，并采用密封设计以防止液体泄露。这可为设备提供更长时间的稳定性能。

当前环境异常，需完成验证后方可继续访问。

A vulnerability categorized as critical has been discovered in Microsoft Edge. Affected by this vulnerability is an unknown functionality of the component Scripting Engine. Executing manipulation can lead to memory corruption. The identification of this vulnerability is CVE-2018-0769. The attack may be launched remotely. Furthermore, there is an exploit available. It is advisable to implement a patch to correct this issue.

A vulnerability, which was classified as critical, was found in Microsoft Internet Explorer 10/11. This affects an unknown function of the component Scripting Engine. The manipulation results in memory corruption. This vulnerability is known as CVE-2018-0840. It is possible to launch the attack remotely. Furthermore, an exploit is available. It is advisable to implement a patch to correct this issue.

A vulnerability has been found in Microsoft Edge and classified as critical. This impacts an unknown function of the component Scripting Engine. This manipulation causes memory corruption. This vulnerability is handled as CVE-2018-0840. The attack can be initiated remotely. Additionally, an exploit exists. Applying a patch is the recommended action to fix this issue.

A vulnerability was found in Microsoft Internet Explorer 11 and classified as critical. Affected is an unknown function of the component Scripting Engine. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2018-8288. The attack can be executed remotely. Additionally, an exploit exists. It is advisable to implement a patch to correct this issue.

A vulnerability has been found in Microsoft Edge and ChakraCore and classified as critical. This impacts an unknown function of the component Scripting Engine. This manipulation causes memory corruption. This vulnerability is registered as CVE-2018-8288. Remote exploitation of the attack is possible. Furthermore, an exploit is available. To fix this issue, it is recommended to deploy a patch.