Aggregator

原文标题：Analysis of DTLS Implementations Using Protocol State Fuzzing原文作者：Paul Fiterau-Brostean, Bengt

#硬件设备 华硕推出全球首款基于 Thunderbolt 5 外接显卡 eGPU + 扩展坞，内置 RTX 5090 移动版，售价 2199.99 美元。这款扩展坞内置 350W 电源

过年前来了这么个事，简单记录下

前言

某年某日的一天，我看到某IM应用发布了一个全新的桌面客户端开始了公测

我马上就下载来试用了一番，发现它使用了electron重构了PC客户端。用electron重写？逆起来应该很容易吧

A vulnerability has been found in Progress Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421 and classified as critical. This vulnerability affects unknown code. The manipulation leads to session expiration. This vulnerability was named CVE-2024-11627. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Progress Software Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421. This affects an unknown part. The manipulation leads to information exposure through error message. This vulnerability is uniquely identified as CVE-2024-11625. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

社区速递 076 | 你没见过的社区文章、一周最热评、派友的年度应用除了首页时间流和侧栏的精选展位，少数派 Matrix 社区还有很多优秀内容因条件所限无法得到有效曝光，因此我们决定重启 Matrix

某年某日的一天，我看到某IM应用发布了一个全新的桌面客户端开始了公测我马上就下载来试用了一番，发现它使用了electron重构了PC客户端。用electron重写？逆起来应该很

攻击面管理安全案例研究 | 城商行统一安全管理平台运营 日期：2025年01月07日 阅：72

本案例正式收录于《攻击面管理技术应用指南（2024版）》，项目由绿盟科技集团股份有限公司实施，并提供案例研究支 […]

外交部：美方炒作“中国黑客攻击”并发起制裁，中方坚决反对；国家网络安全通报中心：发现一批境外恶意网址和恶意IP | 牛览 日期：2025年01月0

新闻速览 •外交部：美方炒作“中国黑客攻击”并发起制裁，中方坚决反对 •国家网络安全通报中心：发现一批境外恶意 […]

Critical Infrastructure / Cyber AttackThe U.S. Cybersecurity and Infrastructure Security Agency (C

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better understanding of the breach and mitigate its impacts. "The security of federal systems and the data they

#硬件设备 英伟达宣布 RTX 20/30/40/50 系显卡均支持 DLSS 4 超分辨率技术，但诸如多帧生成功能仅支持 RTX 50 系显卡。在首发日有 75 款游戏和应用带来 D

shiro 721：填充攻击，在未知密钥的情况下构造出payload的密文，从而导致反序列化（shiro 550)

A vulnerability was found in Deno up to 2.1.1. It has been declared as problematic. Affected by this vulnerability is the function fetch of the component Authorization Header Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-21620. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

US adds Tencent to the list of companies supporting Chinese military

US adds Tencent to the list of companies supporting Chinese military

US adds Chinese multinational technology and entertainment conglomerate Tencent to the list of companies supporting the Chinese military. The US Department of Defense has added Chinese multinational technology and entertainment conglomerate Tencent to its “Chinese military company” list under the Section 1260 requirement. The US government does not explain the decision. The list includes the […]