Aggregator

近日，国家发展改革委、国家数据局等部门联合印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》，旨在完善数据流通安全治理机制，推动数据要素合规高效流通，对促进数据要素市场化价值化具有重要意义。

爆竹行动：这个年就在公司跟“大模型们”一起过了，全组人员放弃春节休假时间，说干就干，全面投入大模型测评工作。

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

全方面多纬度介绍关于各类嵌入式设备、网络设备、边界安全设备等漏洞挖掘基础、方法、技巧和思路

微软示警，超3000个公开的ASP.NET密钥存在被用于ViewState代码注入攻击的风险，可能导致服务器沦陷。

看雪论坛作者ID：REerr

Cybercriminals are actively exploiting vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software to infiltrate networks, create unauthorized administrator accounts, and deploy malware, including the Sliver backdoor. These flaws, identified as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, were disclosed in early January 2025 by researchers at Horizon3.ai. Despite the availability of patches, unpatched systems remain vulnerable to […]

The post Hackers Exploiting SimpleHelp Vulnerabilities to Deploy Malware on Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered phishing campaign is using fake Facebook copyright infringement notices to trick users into divulging their credentials, potentially compromising business accounts. Phishing Campaign Exploits Facebook Brand to Target Businesses Researchers at Check Point Software Technologies revealed that this campaign, active since December 20, 2024, has already targeted over 12,279 email addresses across hundreds […]

The post New Facebook Fake Copyright Notices to Steal Your FB Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletedir_action/restore_action in the library lib/admin/database_admin.php. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2025-1106. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

360数字安全集团被CNTISP授予“优秀支撑单位”称号

DeepSeek持续火爆，网络安全“暗战”再升级

США нашли китайского шпиона в госсекторе.

In a concerning development for the machine learning (ML) community, researchers from ReversingLabs have uncovered malicious ML models on the Hugging Face platform, a popular hub for AI collaboration. Dubbed “nullifAI,” this novel attack method leverages vulnerabilities in the widely used Python Pickle serialization format to execute malicious code on unsuspecting systems. The discovery highlights […]

The post Developers Beware! Malicious ML Models Found on Hugging Face Platform appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Check Point Research (CPR) has revealed that cybercriminals are increasingly leveraging the newly launched AI models, DeepSeek and Qwen, to create malicious content. These models, which lack robust anti-abuse provisions, have quickly become a preferred choice for threat actors over more regulated platforms like ChatGPT. The exploitation of these tools highlights a concerning shift in […]

The post Hackers Exploit DeepSeek & Qwen AI Models for Malware Development appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.