Aggregator

近日，国家互联网信息办公室发布《国家网络安全事件报告管理办法》，旨在进一步规范网络安全事件报告，减少安全事件造成的损失和危害，维护国家网络安全。这一举措对于完善我国网络安全治理体系、提升网络安全保障能力具有重要意义。

9月15日，2025年国家网络安全宣传周开幕式在云南省昆明市举行。

Submit #648597 / VDB-323918

Submit #648580 / VDB-323917

Submit #648542 / VDB-323916

Submit #648541 / VDB-323915

Submit #648520 / VDB-323914

Vulnerabilities are discovered daily—but not every alert matters. SecAlerts pulls from 100+ sources for faster, real-time vuln alerts, filtering the noise so teams can patch quicker and stay secure. [...]

At DjangoCon US 2025, speakers emphasized seasoned tech over hype, featuring secure GitOps workflows, simpler frontend alternatives, and sustainable open-source models.

The post DjangoCon US 2025: Security, Simplicity, and Community appeared first on Security Boulevard.

CISA's Secure by Design planted a flag. Now, it's on those who care about safeguarding systems to pick up the torch and take action to secure systems throughout the enterprise.

Оказывается, чем проще файл, тем сложнее атака.

Submit #648516 / VDB-323913

In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards. These emails impersonated military and security institutions, complete with convincing visual assets generated by ChatGPT. Recipients were urged to review “draft” ID cards, triggering the […]

The post Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses appeared first on Cyber Security News.

Submit #648484 / VDB-323906

Microsoft has removed a safeguard hold that prevented some users from upgrading their systems to Windows 11 24H2 due to compatibility issues that were causing Bluetooth headsets and speakers to malfunction. [...]

A vulnerability classified as problematic was found in Linux Kernel up to 6.17-rc1. The impacted element is an unknown function of the component ACPI. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-39799. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.16.1 and classified as critical. Affected is an unknown function of the component ARM. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2025-39794. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.42/6.15.10/6.16.1. Impacted is the function dm_accept_partial_bio. The manipulation results in deadlock. This vulnerability is known as CVE-2025-39792. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. This issue affects some unknown processing. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2025-43794. It is possible to initiate the attack remotely. There is no exploit available.