Aggregator

关键词违反网络安全法一、上海某跨国公司违规出境用户信息案2025年5月，某国际时尚品牌被曝数据泄露，其中国公司

New shared projects, smarter connectors, and compliance and security updates help teams get more done.

The UK retailer estimated the losses from temporarily shutting down some of its systems to contain the threat

Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated Services Routers, and small enterprise and branch routers, as well as many legacy platforms. Cisco IOS XE software powers many of the company’s high-performance wireless controllers, routers and switches, including virtual routers and industrial networking … More →

The post Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) appeared first on Help Net Security.

近日，网信部门依法对多家未有效落实主体责任，在热搜榜过度推送明星八卦、娱乐琐事，助长“泛娱乐化倾向”，破坏网络生态的平台作出处置。这一举措再次引发公众对流量与内容质量应如何平衡的思考，也折射出智能时代舆论生态的复杂性与治理的紧迫性。

中方倡议各国结合自身国情积极开展“人工智能+”行动，本着相互尊重、互利共赢原则，加强政策交流与务实合作，分享最佳实践和解决方案。

2025年3月，国家互联网信息办公室等四部门联合发布《人工智能生成合成内容标识办法》，配套的强制性国家标准《网络安全技术 人工智能生成合成内容标识方法》也同时出台，两者于2025年9月1日起正式施行。

在带来无限机遇与强劲活力的同时，人工智能技术迭代与应用场景的泛化多元也助推了新型安全风险的滋生蔓延。面对智能时代的新机遇、新挑战、新问题，加快凝聚创新发展“向心力”、共筑人工智能“安全堤”，已成为护航网络强国建设、推动数字中国发展的时代命题

Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover.

Исследователи нашли способ создания практически неуничтожимых цифровых паразитов.

A recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel obfuscation techniques showcased attacker ingenuity, AI-powered defenses successfully blocked the attack—underscoring that AI-augmented threats remain detectable when defenders adapt analytic strategies. On August 18, Microsoft Threat Intelligence identified a targeted phishing […]

The post Hackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GitHub 将执行更严格的认证和发布规则，提升 NPM 注册表的安全性。

速更新

在与英伟达、美国政府和软银集团达成了数十亿美元的协议之后，英特尔已接洽苹果讨论投资和更紧密的合作。双方的磋商处于早期阶段，可能不会达成协议。达成利润丰厚的合作伙伴关系并说服外部客户使用其工厂代工芯片是芯片巨人未来发展的关键。如果能说服苹果投资英特尔，这将是对英特尔的又一次信任投票。苹果在 2020 年之后转向设计自己的笔记本用 ARM 芯片，在这之前它一直是英特尔的长期客户。对苹果而言，它高度依赖于英特尔的竞争对手台积电代工芯片，如果能利用英特尔的芯片工厂，将有助于实现芯片制造供应商多元化。

用数据说话，360大模型安全卫士为AI安全保驾护航

A vulnerability marked as critical has been reported in MuFen-mker PHP-Usermm up to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9. This affects an unknown part of the file /chkuser.php. Performing manipulation of the argument Username results in sql injection. This vulnerability was named CVE-2025-10967. The attack may be initiated remotely. In addition, an exploit is available. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The vendor was contacted early about this disclosure but did not respond in any way.

The post <b>Post-Quantum Cryptography and the Future of Data Security</b> appeared first on Sovy.

The post Post-Quantum Cryptography and the Future of Data Security appeared first on Security Boulevard.

A vulnerability labeled as critical has been found in LazyAGI LazyLLM up to 0.6.1. Affected by this issue is the function lazyllm_call of the file lazyllm/components/deploy/relay/server.py. Such manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2025-10965. The attack can be launched remotely. Moreover, an exploit is present.

Submit #653138 / VDB-325834

微软 AI 部门 CEO Mustafa Suleyman 表示该公司计划将 Edge 改造成一款“智能体浏览器（agentic browser）”，在用户注视下浏览器集成的 AI 助手 Copilot 将控制标签页、浏览网站，完成不同任务。Suleyman 描述了 Copilot 打开标签页、同时阅读多个网页，实时透明的执行搜索。AI 助手能直接访问网站，保留了内容出版商的流量。Copilot 目前的功能包括标签页导航、页面滚动和内容高亮显示等。Suleyman 预测，AI 助手将在数年内负责大多数浏览任务，而用户则提供监督和反馈。