Aggregator

CVE-2026-2844 | Microchip TimePictra up to 11.3 SP2 Configuration missing authentication (EUVD-2026-9101)

VulDB Recent Entries
3 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Microchip TimePictra up to 11.3 SP2. Impacted is an unknown function of the component Configuration Handler. This manipulation causes missing authentication. This vulnerability is registered as CVE-2026-2844. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

Metacritic 不收录 AI 生成的评测

Solidot
3 months 3 weeks ago
Metacritic 是一家聚合电影、电视、音乐专辑、游戏评测及其评分的网站,它会基于相关评分给出一个加权平均值。Metacritic 成立于 2001 年,至今有 25 年历史,它的综合评分获得了广泛认可。网站联合创始人 Marc Doyle 在一份声明中表示 Metacritic 不会收录 AI 生成的评测。在这之前,一家叫 Videogamer.com 的英国老牌游戏网站(曾经很受欢迎)在被博彩公司收购之后解雇了大部分员工,然后用 AI 生成了新游戏的评测和评分。该网站评测作者的肖像是用 ChatGPT 生成的。Metacritic 在获悉之后删除了该网站的评测。

OpenAI Will Deploy AI in US Military Classified Networks

BankInfoSecurity.com
3 months 3 weeks ago
Announcement Comes Hours After Trump Blacklists Anthropic
OpenAI said late Friday night it reached an agreement with the U.S. Department of Defense to deploy its large language models onto military classified networks. The announcement came hours after President Donald Trump instructed federal agencies to cease using AI developed by OpenAI rival Anthropic.

US and Israel Launch 'Major Combat Operations' Against Iran

BankInfoSecurity.com
3 months 3 weeks ago
Trump Says Combat Targets Regime in Tehran, As Iran Responds With Missile Attacks
U.S. President Donald Trump announced the launch of "major combat operations in Iran," in coordination with Israel, targeting the regime in Tehran over its nuclear ambitions. Iran responded with missile attacks, as cybersecurity experts forecast online reprisals.

CVE-2026-1542 | Super Stage WP Plugin up to 1.0.1 on WordPress Gadget deserialization (EUVD-2026-9099)

Vuldb Updates
3 months 3 weeks ago
A vulnerability identified as critical has been detected in Super Stage WP Plugin up to 1.0.1 on WordPress. Affected is an unknown function of the component Gadget Handler. This manipulation causes deserialization. The identification of this vulnerability is CVE-2026-1542. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2026-24714 | Netgear PR2000 TelnetEnable inclusion of undocumented features or chicken bits (EUVD-2026-9100)

Vuldb Updates
3 months 3 weeks ago
A vulnerability identified as problematic has been detected in Netgear PR2000. The impacted element is an unknown function of the component TelnetEnable. This manipulation causes inclusion of undocumented features or chicken bits. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2026-24714. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

NASA 宣布 Artemis III 任务仍然是绕月而非登月

Solidot
3 months 3 weeks ago
NASA 宣布调整阿耳忒弥斯(Artemis)系列载人登月计划:原计划今年 3 月 6 日发射的 Artemis II 载人绕月飞行任务推迟到最早 4 月 1 日进行;Artemis III 载人登月任务不再计划登月,而仍然是绕月飞行。NASA 局长 Jared Isaacman 表示,更为循序渐进的新计划让 NASA 团队能测试飞行和改进技术。

AI网络爬虫安全白皮书

腾讯玄武实验室
3 months 3 weeks ago

Author: Guancheng Li and Zheng Wang of Tencent Xuanwu Lab

本文是腾讯玄武实验室发布的《AI网络爬虫安全白皮书》。我们系统分析了 AI 时代服务端浏览器 / 爬虫在真实业务中的典型使用方式,以及由此带来的新的攻击面与风险。

在这篇白皮书中,我们结合多款实际产品的安全测试案例,梳理了完整的攻击链路,并提出以“静态攻击面收敛 + 动态行为隔离”为核心的纵深防御框架,同时给出了开源防护方案 SEChrome,帮助企业在工程上落地安全的服务端浏览器架构。

下载链接:AI网络爬虫安全白皮书.pdf

xlab

Managed ad