Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three "zero-day" weaknesses that are already under active attack. Redmond's inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.
A vulnerability has been found in GestioIP 3.5.7 and classified as problematic. Affected by this vulnerability is the function ip_do_job. The manipulation leads to cross-site scripting.
This vulnerability is known as CVE-2024-50857. The attack can be launched remotely. There is no exploit available.
A vulnerability, which was classified as problematic, was found in GestioIP 3.5.7. Affected is an unknown function of the file ip_mod_dns_key_form.cgi. The manipulation of the argument TSIG Key leads to cross-site scripting.
This vulnerability is traded as CVE-2024-50861. It is possible to launch the attack remotely. There is no exploit available.
A vulnerability, which was classified as problematic, has been found in GestioIP 3.5.7. This issue affects the function ip_import_acl_csv. The manipulation leads to cross-site scripting.
The identification of this vulnerability is CVE-2024-50859. The attack may be initiated remotely. There is no exploit available.
Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device. [...]
A vulnerability classified as problematic was found in vCita Event Registration Calendar Plugin up to 1.4.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site scripting.
This vulnerability was named CVE-2024-11870. The attack can be initiated remotely. There is no exploit available.