Aggregator

“网络生态治理是世界各国面临的共同课题”。习近平主席指出，“网络安全是全球性挑战，没有哪个国家能够置身事外、独善其身，维护网络安全是国际社会的共同责任”。

根据2026年5月25日国家市场监督管理总局、国家标准化管理委员会发布的中华人民共和国国家标准公告（2026年第23号），全国网络安全标准化技术委员会归口的18项国家标准正式发布。

一台售价仅几百元的家用气象站，竟24小时对着军事禁区采集气象数据并自动上传至境外服务器！这不是谍战片里的虚构情节，而是真实发生在我们身边的泄密事件。

当下，世界百年未有之大变局加速演进，中国之治与西方之乱形成鲜明对比，国家间的综合实力竞争日趋激烈，新一轮人才争夺战也在逐步向纵深推进。人才安全是国家安全体系的重要构成部分，关乎经济安全、科技安全乃至政治安全。

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the LiteSpeed cPanel Plugin flaw CVE-2026-48172 to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-48172 (CVSS score of 10.0) affects the LiteSpeed User-End cPanel plugin before version 2.4.5 and allows […]

If your network is online and generating revenue, it is a potential target. That is not an exaggeration, but the reality of the modern internet. And if you are currently relying on a standard transit provider with a DDoS mitigation service bolted on top, there is a possibility that your protection has a gap in […]

The post Clean Transit: What it is, what it can do and why it matters for your network appeared first on Link11.

它破坏了企业服务赖以生存的整条信任链

Cybercriminals are spoofing Fédération Internationale de Football Association (FIFA) websites ahead of the 2026 FIFA World Cup, the FBI warns. The attackers are registering lookalike domains with small spelling changes or different domain endings to impersonate FIFA websites and services. The tactic, known as typosquatting, relies on users making small typing mistakes when entering website addresses. People who land on the fake sites may hand over names, addresses, phone numbers, email addresses, banking details, or … More →

The post A single typo could derail your World Cup plans appeared first on Help Net Security.

GCHQ director urges urgent business cyber action as AI and quantum reshape the threat

Любой сайт может узнать, какие вкладки и приложения открыты на вашем устройстве.

A Canadian man was sentenced to 33 years in prison after pleading guilty to targeting more than 145 children across the United States, some as young as 6 years old, in an eight-year-long sextortion scheme. [...]

An advanced remote access Trojan is propagating online. Notably, it's delivered via an operator licensing model and features a no-code malware-development interface.

Как безответственное раскрытие уязвимостей превращает багхантеров в невольных сообщников.

Recently, multiple supply-chain incursions have plagued the NPM ecosystem. Typically, cybercriminals leverage leaked credentials to manipulate repositories and distribute compromised iterations. However, an utterly bizarre campaign has recently materialized. Specifically, the popular NPM package...

The post The CodexUI Android Anomalous Supply-Chain Inversion: A Paradox of Developer Malevolence appeared first on Information Security News.

FT 报道，英伟达 CEO 黄仁勋已同意加入清华大学经管学院的顾问委员会——该委员会现任主席是苹果 CEO 库克(Tim Cook)——黄仁勋正力争维持与北京方面的关系。清华大学位于北京，是中国专注于科学和工程的顶尖学府，该校经济管理学院顾问委员会的公开目标包括帮助该商学院加强国际联系和塑造长期战略。委员会中的美国企业高管还包括了马斯克（Elon Musk）、扎克伯格（Mark Zuckerberg）以及微软 CEO 纳德拉(Satya Nadella)。

Recently, an independent security researcher publicly exposed a critical zero-day vulnerability alongside its functional proof-of-concept code. Specifically, the exploit bypasses the Microsoft BitLocker encryption subsystem under the moniker YellowKey. Consequently, the Microsoft Threat Intelligence...

The post The Escalating Rift Over Zero-Day Disclosures: Microsoft Condemns Uncoordinated Vulnerability Release appeared first on Information Security News.

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026

由于内存和 SSD 价格飙升，Valve 大幅提高了 Steam Deck 掌机的售价。以美国地区为例，512GB OLED 版本售价从 549 美元提高到 789 美元，上涨 240 美元；1TB OLED 版本售价从 649 美元提高至 949 美元，上涨 300 美元。Steam Deck 掌机于 2022 年 2 月推出，早期版本使用的屏幕是 LCD，2023 年 11 月 Valve 将屏幕从 LCD 升级到 OLED，淘汰了 LCD 版本。Steam Deck 配备的是 16 GB LPDDR5，从去年底开始内存价格上涨了数倍，SSD 的涨势没有这么夸张，但也更贵了。