Aggregator

A threat actor is leaking the customer database of Akitatek, a French IT services and electronics repair company.

苹果设备现已支持端到端加密RCS：苹果设备已正式推出端到端加密RCS消息功能。该功能已在周一发布的iOS 26.5版本中新增。安卓系统已支持端到端RCS多年。这项功能将允许安卓和iPhone用户之间互发加密消息。RCS技术旨在取代传统的短信服务

所有这些秘密工作技巧，是我们白区地下党和国民党特务斗争了几十年，积累起来的经验，许多是用烈士的鲜血换来的。

Foxconn признала кибератаку на заводы в Северной Америке.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

右派的 Steve Bannon 和左派的 Bernie Sanders 在很多问题上的观点相去甚远，但他们都认为 AI 对工人阶级是一场灾难。Sanders 说 AI 寡头想要的不仅仅是取代特定工作岗位，他们想要取代工人。Bannon 说硅谷不在乎普通人。民调显示，美国是世界最关注 AI 的国家之一，既是全球 AI 的主要研发者也是 AI 的主要反对者。美国反 AI 的情绪在持续高涨。缅因州通过了美国首个全州范围内的数据中心建设禁令，虽然禁令被州长否决。OpenAI CEO Sam Altman 的家被人投掷了燃烧弹。四分之一的美国人接受将暴力作为一种反对手段。硅谷喜欢将 AI 比作工业革命，喜欢强调工业革命所释放的巨大财富。工业革命的确促进了经济增长，但亲身经历工业革命却是另一回事。企业家积累了巨额财富，工人的工资却停滞不前，工作条件也日益恶化。大多数美国人已感受到经济体制被操纵有利于富人。民意调查发现，对 AI 在日常生活中的作用最乐观的美国人群体是年收入超过 20 万美元的人。财富和权力日益集中在少数人手中。

​DAA：智能体时代的新价值逻辑。

Tomorrow's webinar examines why prevention alone is no longer enough against modern cyberattacks. The session explores how organizations combine security, backups, and recovery planning to improve cyber resilience after attacks. [...]

A vulnerability has been found in F5 NGINX Plus and NGINX Open Source and classified as critical. This affects the function ngx_http_rewrite_module of the component HTTP Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2026-42945. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in F5 BIG-IP. The impacted element is an unknown function of the component Traffic Management Microkernel. Executing a manipulation can lead to infinite loop. This vulnerability appears as CVE-2026-42920. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Jupyter notebook up to 4.5.6. The affected element is an unknown function. Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2026-42557. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in F5 BIG-IP, BIG-IP Next SPK, BIG-IP Next CNF and BIG-IP Next for Kubernetes. Impacted is the function HTTP::redirect/HTTP::respond of the component Traffic Management Microkernel. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2026-42409. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in F5 BIG-IP, BIG-IP Next CNF and BIG-IP Next for Kubernetes. This issue affects some unknown processing of the component Traffic Management Microkernel. This manipulation causes stack-based buffer overflow. This vulnerability is registered as CVE-2026-41956. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in F5 BIG-IP and BIG-IQ. This vulnerability affects unknown code of the component iControl REST Endpoint. The manipulation results in information disclosure. This vulnerability is cataloged as CVE-2026-41954. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in F5 BIG-IP. This affects an unknown part. The manipulation leads to allocation of resources. This vulnerability is listed as CVE-2026-41227. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in F5 BIG-IP. Affected by this issue is some unknown functionality of the component Traffic Management Microkernel. Executing a manipulation can lead to use after free. This vulnerability is tracked as CVE-2026-41218. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in F5 BIG-IP. Affected by this vulnerability is an unknown functionality of the component TMOS Shell. Performing a manipulation results in incorrect permission assignment. This vulnerability is identified as CVE-2026-41217. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in F5 NGINX Plus and NGINX Open Source. Affected is the function ngx_http_ssl_module of the component Configuration Handler. Such manipulation leads to use after free. This vulnerability is referenced as CVE-2026-40701. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

Microsoft has addressed a known issue causing some Windows 11 systems to boot into BitLocker recovery after installing the April 2026 Windows security updates. [...]

A vulnerability was found in F5 BIG-IP, BIG-IP Next SPK, BIG-IP Next CNF and BIG-IP Next for Kubernetes. It has been rated as critical. This impacts an unknown function of the component Traffic Management Microkernel. This manipulation causes incorrect calculation of buffer size. The identification of this vulnerability is CVE-2026-40618. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.