Aggregator

近日，vivo自主研发的蓝心大模型率先通过了信通院AIIA安全标准测评，成为行业内首批完成此测评的企业，蓝心大模型更在所有测试项目中荣获最高认证级别的优秀防护级！

JPCERT/CC has been observing attack acti...

众所周知，Python 类题目最难的一类是使用 cython工具将 Python 代码转成 C 代码并编译成二进制库。

您有一份周报待查收......

Nacos安全漏洞时间脉络，横跨 2020 ～ 2024 的 sql 2 rce

Nacos安全漏洞时间脉络，横跨 2020 ～ 2024 的 sql 2 rce

Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

Trend Micro partners with IBM to offer advanced threat detection and response for protecting critical infrastructures running on IBM Power servers

Nacos安全漏洞时间脉络，横跨 2020 ～ 2024 的 sql 2 rce

本文是“深耕研发安全”系列的第二篇，主要介绍从纯安全的视角出发，紧密围绕漏洞及治理，结合对成本的考虑，去定位研发过程中的漏洞生产源，从而找出最佳的研发安全工作切入点。

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn't yet been registered, merely by supplying an email address tied to an existing domain.

MITRE 的 ATT&CK Enterprise 评估是迄今为止最大规模的 EDR 评估工作

How to prevent malicious advertisements from ruining your day.