Aggregator

A vulnerability marked as problematic has been reported in Siemens Simcenter Femap and Simcenter Nastran. Affected by this issue is some unknown functionality of the component XDB File Parser. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2026-23717. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Siemens Simcenter Femap and Simcenter Nastran. Affected by this vulnerability is an unknown functionality of the component XDB File Parser. The manipulation results in out-of-bounds write. This vulnerability is known as CVE-2026-23715. Attacking locally is a requirement. No exploit is available. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Siemens syngo.plaza VB30E VB30E_HF05. Affected is an unknown function. The manipulation leads to weak encoding for password. This vulnerability is traded as CVE-2024-52334. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Siemens SINEC NMS up to 4.0 SP1. This impacts an unknown function. Executing a manipulation can lead to uncontrolled search path. This vulnerability appears as CVE-2026-25655. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Siemens Simcenter Femap and Simcenter Nastran. It has been rated as problematic. This affects an unknown function of the component XDB File Parser. Performing a manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2026-23716. The attack requires a local approach. No exploit exists. Upgrading the affected component is advised.

2026年1月，中央网信办举报中心指导全国各级网信举报工作部门、主要网站平台受理网民举报色情、赌博、侵权、谣言等违法和不良信息举报，共计2214.6万件。

近日，国家市场监督管理总局、国家标准化管理委员会发布的2026年第8号《中华人民共和国国家标准公告》，由全国网络安全标准化技术委员会归口的《网络安全技术 人工智能生成合成内容标识方法》国家标准外文版正式发布。

本《实践指南》规定了预防和处置互联网平台人员新型腐败的基本要求、日常防范要求和处置要求，适用于预防和处置互联网平台人员发生的流量操控、数据舞弊、权限寻租、榜单造假等新型腐败问题。

近期，CNCERT监测到一个新型僵尸网络正在互联网上大范围传播，该僵尸网络自2025年12月下旬起开始活跃。该家族在通信协议、数据存储及反追踪机制上均展现出高度的复杂性和规避性，其核心特征为广泛使用基于RC4、ChaCha20及TEA算法变种的深度定制加密方案。

低空基础设施是低空经济发展的重要底座。信息通信业具备丰富的网络资源和综合信息服务能力，能够有效支撑低空通信、监视、导航、智能网联系统等信息类基础设施建设发展，对于促进低空经济健康有序发展、培育新质生产力具有重要意义。

低空基础设施是低空经济发展的重要底座。信息通信业具备丰富的网络资源和综合信息服务能力，能够有效支撑低空通信、监视、导航、智能网联系统等信息类基础设施建设发展，对于促进低空经济健康有序发展、培育新质生产力具有重要意义。

Когда хакеры воруют ваши данные, чтобы прочитать их через пять лет – это не паранойя, а стратегия «на вырост».

这充分说明AI在相对自主的网络攻防工作流中的应用门槛正在迅速降低，同时凸显了及时修补已知漏洞等安全基础工作的重要性。

速修复

SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said. "Prior to the breach, we had approximately 30 servers/VMs

目前仍未恢复

Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly disclosed flaws in Ivanti Endpoint Manager Mobile (EPMM). The incidents were reported to parliament, and […]

黑马比赛的优秀作品。本文提出一种基于大模型与多智能体的人机对抗靶场架构，通过RAG知识库、COA编排、分级决策引擎与武器MCP解耦设计，构建具备OODA闭环的智能陪练对手，实现高真实度、可控、可解释的实战化攻防训练。

未来不属于那些能够制造更多信息的人。它属于那些在信息过载时还能保持清晰思维的人。