Qilin
You must login to view this content
Aggregator
雨之灵动:如何在六个月内从 0 到 1 落地爆款 AI 潮玩
4 months 1 week ago
AI+潮玩新物种,雨之灵动在阿里云 AI 应用及服务市场「选买用」为用户创造「心流」体验。
苹果 Xcode 终于引入 AI,「Agentic Coding」攻入「果系」开发者大本营
4 months 1 week ago
苹果 Xcode 26.3 原生集成 Claude 与 Codex,AI 代理能自主浏览项目、修改代码,重塑开
紧急预警! 钓鱼邮件破4.25亿+银狐黑产肆虐,邮件安全方案速收
4 months 1 week ago
《2025Q4 企业邮箱安全报告》重磅发布!深度解析三大趋势,点击立领完整版报告→
Moltbot AI助手企业部署引发数据安全隐患 或致API密钥等敏感数据泄露
4 months 1 week ago
这款AI助手默认未开启沙箱隔离机制,这意味着该机器人拥有与用户完全相同的数据访问权限。
How Secure by Design helps developers build secure software
4 months 1 week ago
Security isn’t just a feature, it’s a foundation. As cyber threats grow more sophisticated and regulations tighten, developers are being asked to do more than just write clean code. They’re being asked to build software that’s secure by design throughout its lifetime. To help developers meet this challenge, the Center for Internet Security (CIS) and the Software Assurance Forum for Excellence in Code (SAFECode) released Secure by Design: A Guide to Assessing Software Security Practices. … More →
The post How Secure by Design helps developers build secure software appeared first on Help Net Security.
Help Net Security
Минус 8 км на экваторе, минус 24 на полюсах. Юпитер оказался компактнее, чем написано в учебниках
4 months 1 week ago
Как Вояджер опроверг эталонные измерения 70-х годов.
8K 电视时代尚未到来
4 months 1 week ago
电视行业已经普及了 4K 分辨率,但在可预见的未来 8K 电视时代还不会到来,主要电视厂商都停止推出新款的 8K 电视产品。LG Display 停产 8K LCD 或 OLED 面板,LG 电子是第一家也是唯一一家销售 8K OLED 电视的厂商,它最后一款 LCD 8K TV 是 2024 年推出的 QNED99T。TCL 最后一款 8K 电视是在 2021 年推出的,索尼的 8K 电视也停产了,它的电视业务正被 TCL 接手。市场研究公司 Omdia 在 2024 年 9 月发表报告称,4K 电视已接近 10 亿台,但 8K 电视的销量仅为 160 万台。三星、TCL、海信和友达光电成立的 8K Association 在 2022 年有 33 名成员,今天只剩下 16 名,其中没有任何主流电视面板供应商。
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
4 months 1 week ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.
The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is a untrusted data deserialization vulnerability that could pave the way for remote
The Hacker News
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
4 months 1 week ago
Alisa Viejo, United States, 4th February 2026, CyberNewsWire
CyberNewswire
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
4 months 1 week ago
Alisa Viejo, United States, 4th February 2026, CyberNewsWire
The post One Identity Appoints Gihan Munasinghe as Chief Technology Officer appeared first on Security Boulevard.
cybernewswire
CVE-2023-53659 | Linux Kernel up to 5.10.187/5.15.122/6.1.41/6.4.6 iavf_remove out-of-bounds (EUVD-2025-31955 / Nessus ID 280143)
4 months 1 week ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.187/5.15.122/6.1.41/6.4.6. This issue affects the function iavf_remove. Such manipulation leads to out-of-bounds read.
This vulnerability is listed as CVE-2023-53659. The attack must be carried out from within the local network. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2023-53661 | Linux Kernel up to 5.15.112/6.1.29/6.3.3 bnxt bnxt_get_nvram_directory buffer overflow (EUVD-2025-31948 / Nessus ID 278484)
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 5.15.112/6.1.29/6.3.3. It has been declared as critical. The impacted element is the function bnxt_get_nvram_directory of the component bnxt. Executing a manipulation can lead to buffer overflow.
This vulnerability is handled as CVE-2023-53661. The attack can only be done within the local network. There is not any exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-53664 | Linux Kernel up to 6.5.2 OPP drivers/opp/core.c dev_pm_opp_get_required_pstate null pointer dereference (EUVD-2025-31949 / WID-SEC-2025-2229)
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 6.5.2. It has been classified as critical. This issue affects the function dev_pm_opp_get_required_pstate of the file drivers/opp/core.c of the component OPP. Performing a manipulation results in null pointer dereference.
This vulnerability is reported as CVE-2023-53664. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2023-53663 | Linux Kernel up to 6.1.53/6.5.3 KVM nested.c MSR_AMD64_TSC_RATIO assertion (EUVD-2025-31965 / WID-SEC-2025-2229)
4 months 1 week ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.1.53/6.5.3. Affected is the function MSR_AMD64_TSC_RATIO of the file arch/x86/kvm/svm/nested.c of the component KVM. This manipulation causes reachable assertion.
The identification of this vulnerability is CVE-2023-53663. The attack needs to be done within the local network. There is no exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2023-53658 | Linux Kernel up to 6.4.3 platform_get_drvdata use after free (EUVD-2025-31957 / Nessus ID 270263)
4 months 1 week ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.4.3. This affects the function platform_get_drvdata. The manipulation results in use after free.
This vulnerability is identified as CVE-2023-53658. The attack can only be performed from the local network. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2023-53665 | Linux Kernel up to 6.5.4 md export_rdev null pointer dereference (EUVD-2025-31974 / WID-SEC-2025-2229)
4 months 1 week ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.5.4. This affects the function export_rdev of the component md. This manipulation causes null pointer dereference.
This vulnerability is handled as CVE-2023-53665. The attack can only be done within the local network. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2023-53666 | Linux Kernel up to 5.15.122/6.1.41/6.4.6 ASoC wcd_mbhc_start null pointer dereference (EUVD-2025-31969 / WID-SEC-2025-2229)
4 months 1 week ago
A vulnerability labeled as critical has been found in Linux Kernel up to 5.15.122/6.1.41/6.4.6. This impacts the function wcd_mbhc_start of the component ASoC. Such manipulation leads to null pointer dereference.
This vulnerability is uniquely identified as CVE-2023-53666. The attack can only be initiated within the local network. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2023-53674 | Linux Kernel up to 5.15.120/6.1.38/6.3.12/6.4.3 clk devm_clk_notifier_register memory leak (EUVD-2025-31940 / WID-SEC-2025-2229)
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 5.15.120/6.1.38/6.3.12/6.4.3 and classified as critical. This affects the function devm_clk_notifier_register of the component clk. Executing a manipulation can lead to memory leak.
This vulnerability appears as CVE-2023-53674. The attacker needs to be present on the local network. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
Why incident response breaks down when it matters most
4 months 1 week ago
In this Help Net Security video, Jon David, Managing Director, NR Labs, discusses why incident response often breaks down during a breach. Drawing on years of experience watching real attackers operate across many industries, he walks through what tends to fail once pressure sets in. He explains how hesitation, poor escalation, and weak communication allow attackers to move faster than defenders. The discussion focuses on how trust, connectivity, and human behavior are often exploited more … More →
The post Why incident response breaks down when it matters most appeared first on Help Net Security.
Help Net Security