Aggregator

天元实验室近期对国内多种主流模型在线服务进行了对抗干扰下的安全检测与阻断能力测试，发现不同模型在线生成内容抵御各类越狱攻击方法存在差异，与模型架构特性、安全对齐策略及在线服务使用的防护机制有关。

Centre for Research on Energy and Clean Air 的分析发现，中国和印度两个最大的煤炭消费国的煤电发电量 自 1973 年以来首次同时下降。中国和印度的煤电发电量分别下降了 1.6% 和 3%，两国大力发展的清洁能源项目足以满足不断增长的能源需求。中国去年新增太阳能发电装机容量逾 300GW，风能发电装机容量逾 100GW，而印度去年新增太阳能 35GW、风能 6GW 和水电 3.5GW。

The FTC has finalized an order with General Motors, settling charges that it collected and sold the location and driving data of millions of drivers without consent. [...]

Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers to access sensitive network information and disrupt operations. The security flaws, identified as CVE-2025-37165, CVE-2025-37166, CVE-2023-52340, and CVE-2022-48839, affect devices running software version 3.3.1.0 and earlier. Vulnerability Details and Risk Assessment The most critical vulnerability, […]

The post HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information appeared first on Cyber Security News.

CTF密码学总卡关？30小时破局实战来了！

防火墙需立即升级，防范未认证拒绝服务攻击。

看雪论坛作者ID：G0t1T

让IAST转化为研发安全的效能助推器

360以AI创新破解教育与产业人才鸿沟

Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has allowed it to confiscate the malicious

Исследователи нашли способ обойти ограничения обычных процессоров.

Lumen’s Black Lotus Labs blocked over 550 C2 servers tied to the AISURU/Kimwolf botnet used for DDoS attacks and proxy abuse. Lumen’s Black Lotus Labs disrupted over 550 command-and-control servers linked to the AISURU and Kimwolf botnet, a major network used for DDoS attacks and proxy abuse. Acting as a DDoS-for-hire service, Aisuru avoids government […]

Bitwarden revealed continued product innovation and ecosystem maturity to advance identity security capabilities for users and enterprises. Bitwarden introduced enterprise credential risk insights and guided remediation through Bitwarden Access Intelligence, expanded passkey interoperability across browsers, devices, and operating systems, and deepened alignment with industry standards and major platform providers, including the FIDO Alliance and Microsoft. Turning credential risk into guided action Credential-based risks continue to drive security incidents across enterprise and personal environments, often remaining … More →

The post Bitwarden advances passkeys and credential risk controls appeared first on Help Net Security.

最新动态【换薪升级】互联网应用、终端安全、安全情报奖励、季度奖励全线更新！

过去一年，你们以技术之力共筑防线，以开放之态共享资源，以信任之心共建生态。

OSRC 2025年度颁奖典礼在昆明完美落幕啦！

A vulnerability categorized as critical has been discovered in Revive Adserver up to 6.0.4. This affects an unknown function of the component Setting Handler. Executing a manipulation can lead to format string. This vulnerability is tracked as CVE-2026-21640. The attack can be launched remotely. No exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability was found in AffiliateX Plugin up to 1.0.0/1.3.9.3 on WordPress. It has been rated as problematic. The impacted element is the function save_customization_settings of the component Setting Handler. Performing a manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-13859. The attack can be initiated remotely. There is not any exploit available.