Aggregator

关键词ChromeLayerX已经发现了三个协调的网络钓鱼活动涉及的40多个恶意浏览器扩展程序 – 许多仍然存

关键词网络攻击网络安全研究人员披露了一项新型攻击活动，该活动通过伪造的安装程序冒充热门应用（如 LetsVPN

关键词安全漏洞名为“ViciousTrap”的攻击者团伙被曝已攻陷全球 84 个国家近 5,300 台网络边缘

1,2 миллиарда рублей уже взысканы с дропперов: иски продолжаются.

无需调用任何工具

安全平台有希望重构市场格局

A vulnerability has been found in Advanced Webhost Billing System and classified as critical. Affected by this vulnerability is an unknown functionality of the file docs/front-end-demo/cart2.php. The manipulation of the argument workdir leads to file inclusion. This vulnerability is known as CVE-2007-2272. The attack can be launched remotely. Furthermore, there is an exploit available.

Syscall（系统调用）是用户空间与操作系统内核之间的接口，它允许用户程序请求操作系统提供的服务

为了摆脱硅谷的控制，我们是否需要公有社交网络？西班牙《国家报（El Pais）》认为有必要建立公共的社交网络，因为今天社交媒体平台的商业模式就是侵犯隐私，收集用户数据销售广告。公共社交网络作为商业社交平台的替代一直被人提及，想象一下欧盟的 Twitter 或者由 BBC 等媒体管理的 Facebook。西班牙首相 Pedro Sánchez 呼吁欧盟开发自己的浏览器、社交网络和使用透明协议的 IM 服务。公共的平台不需要旨在设计刺激成瘾和对抗的算法，也不需要收集用户隐私销售广告。技术不再中立，而实现数字独立紧迫、重要但也困难重重。欧盟等国家可能更适合投资自由开源可互操作性的联邦宇宙去中心化软件，支持信息和内容的可移植性，比如美国的 Bluesky 和德国的 Mastodon。

5月24日，以“安全+数智、AI赢未来”为主题的C3安全大会·2025在江苏南京开幕。

近日，网安标委发布《网络安全标准实践指南——个人信息保护合规审计要求》。

近日，网安标委发布《网络安全标准实践指南——个人信息保护合规审计 专业机构服务能力要求》。

公民个人身份信息保护问题备受社会公众关切。随着线上线下需要提供身份信息的场景日益丰富，公民个人身份信息的泄露风险亦日渐高企。对此，公安部、国家互联网信息办公室等部门经过反复研究并广泛征求意见，制定《国家网络身份认证公共服务管理办法》。

A vulnerability classified as problematic was found in Pepperl+Fuchs Profinet Gateway FB8122A.1.EL and Profinet Gateway LB8122A.1.EL up to 1.3.12. Affected by this vulnerability is an unknown functionality of the component Web UI. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-1985. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Red Hat AMQ Broker 7. Affected is an unknown function of the component ActiveMQ Artemis. The manipulation leads to use of weak credentials. This vulnerability is traded as CVE-2025-4057. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in Pepperl+Fuchs Profinet Gateway FB8122A.1.EL and Profinet Gateway LB8122A.1.EL up to 1.3.12. It has been rated as critical. This issue affects some unknown processing of the component URL Handler. The manipulation leads to missing authentication. The identification of this vulnerability is CVE-2025-41655. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

第一届OpenHarmony CTF专题赛邀你披荆斩棘，成为开源安全的“破壁者”！

A vulnerability was found in Pepperl+Fuchs Profinet Gateway FB8122A.1.EL and Profinet Gateway LB8122A.1.EL up to 1.3.12. It has been declared as problematic. This vulnerability affects unknown code of the component SNMP Protocol Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-41654. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.