Aggregator

德国联邦统计局的初步数据显示，2025 年新生儿数量降至 1946 年以来最低水平。2025 年德国新生儿数约 65.5 万，远低于 1964 年婴儿潮高峰时的 136 万，2024 年的新生儿数据是 68 万。与此同时德国死亡人数接近 101 万，使得 2025 年死亡人数与出生人数之差超过 35.2 万，创战后历史新高。德国出生率连续第四年下降，目前每名妇女平均生育 1.35 个孩子，创历史新低，远低于维持人口稳定所需的 2.1 个孩子。汉堡是唯一一个生育率上升的德国州，2025 年增长了 0.5%。

Разработчики представили Fedora 44 с обновленным GNOME и поддержкой Wayland.

The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce false information about location, time, or both. GPS jamming, another form of interference, overwhelms receivers with noise and blocks legitimate satellite signals. GPS spoofing overrides real satellite signals to trick a vehicle’s positioning software into following the … More →

The post Researchers develop tool to expose GPS signal spoofing in transit networks appeared first on Help Net Security.

瑞士邮件服务商 Proton 利用 2025 年广告竞价数据，分析了逾 54,000 个人口画像，估算广告商为触达不同类美国人所支付的价格。结果显示不同人之间的价格差距远超想象。美国人平均每年产生的广告价值约 1,605 美元；一名居住在蒙大拿州 Bozeman 市、年龄 35-44 岁之间、无子女、用台式机进行高价值企业搜索的男性，其广告价值估计为 17,929.30 美元；一位居住在阿肯色州 Fort Smith 市、年龄在 18-24 岁之间、用 Android 手机进行低价值搜索的父亲，其广告价值仅为 31.05 美元。1,605 美元的平均值与 760 美元的中位数显示，少数高价值用户拉高了平均值，而此类商业模式依赖于高价值用户。分析显示，无子女用户的广告价值比有子女用户平均高出约 17%，一旦某个用户被标记为有子女，针对他们的广告投放会从每次点击 6 美元的财富管理广告转向每次点击 2 美元的面包车和幼儿园广告。台式机用户的价值是 Android 用户的 4.9 倍，苹果 iPhone 用户的价值是 Android 用户的 2.7 倍。用户年龄在 35-44 岁之间时广告价值最高，65 岁后广告价值下降——虽然老年用户价值下降，但针对他们的广告则属于高消费类别如医保补充保险、药品和金融产品。老年人的总体价值降低，但广告商的投放力度更精准。为什么蒙大拿州 Bozeman 市居民的广告价值高？因为大量远程科技工作者的涌入和户外休闲消费使其成为全美竞争最激烈的本地广告市场之一。

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. "An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux

Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new version with Linux kernel 7.0 as the stable default and ZFS 2.4 for storage operations. Updated packages, broader hardware support, and security fixes accompany the kernel and filesystem changes. S3 object storage joins the supported backends S3-compatible object stores … More →

The post Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs appeared first on Help Net Security.

Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid (Source: The Prosecutor General’s Office of Ukraine) “Prosecutors of the Lviv region, together with the cyber police and the Security Service of Ukraine, have stopped the activities of a group that gained access to other people’s gaming accounts and used them as a source of income,” The Prosecutor General’s Office … More →

The post Hackers arrested for stealing and reselling 600,000 Roblox accounts appeared first on Help Net Security.

The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of violating child safety rules. Instagram and Facebook allegedly failed to prevent children under 13 from accessing their platforms. According to the Commission, Meta did […]

Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise

期待更多安全研究员积极参与申请CVE！

第四届白帽赏金挑战赛正式开启！额外奖励、新人加成、现金buff尽在OSRC！

无聊的时候打开了某SRC，发现了新增资产，于是立即开启了本次的漏洞挖掘之路。

火绒在岗 轻松过节 | 这份终端安全防护提示请您收好

Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 - here's some of what made the headlines this month

Copy Fail меняет код в памяти ядра, поэтому системы мониторинга не видят подмены.

2026年4月30日，深瞳漏洞实验室监测到一则Linux Kernel组件存在权限提升漏洞的信息，漏洞编号：CVE-2026-31431，漏洞威胁等级：高危。

最新的中东能源危机促使亚洲国家加大燃煤发电，而煤炭是高污染排放来源，如果这一趋势继续，全球气候变化问题将会愈发严峻。印度宣布推迟对国内燃煤电厂的维护检查。国际能源署（IEA）的数据显示，截至 2023 年，印度发电中煤炭占 74%。石油和天然气合计约占 3%，来自中东的采购存在制约，印度通过增加煤炭火力来避免停电风险。泰国电力公司重启原计划停用的 2 座燃煤机组。韩国暂时解除了以发电能力 80% 为上限的煤炭火电站的运行限制，推迟原定于 6 月关闭的两座火电站的关闭时间。日本也将提高煤炭火力发电站的开工率。孟加拉国则增加煤炭的供应来源。全球最大的发电用煤炭出口国印尼计划上调原定为 6 亿吨的 2026 年煤炭生产计划。第二大出口国澳大利亚政府也计划扩大煤炭生产。

3,9 млн устройств заражены, хозяева до сих пор не знают.

Log Horizon connects to your Microsoft Sentinel workspace (and optionally Defender XDR), goes through every log table you’re ingesting,

The post Earning Their Keep: Audit Your Microsoft Sentinel Log Value with “Log Horizon” appeared first on Penetration Testing Tools.