Aggregator

当前环境异常，需完成验证后才能继续访问。

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2/368ea32e0ad0335bdf3180067875a928e35387c6. This issue affects some unknown processing of the component phy. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-38275. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.93/6.12.33/6.15.2. This vulnerability affects the function fpga_mgr_test_img_load_sgt of the component fpga. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-38274. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

这篇文章探讨了预训练数据中概念频率与零样本学习性能之间的关系，并通过使用RAM++模型和选择合适的阈值来评估图像中的概念频率。此外，作者还分析了不同预训练数据中图像-文本对的对齐情况。

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.2. This affects an unknown part of the component net. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2025-38272. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Island CEO Mike Fey on Drivers for SASE, Identity Features in Enterprise Browser
Island co-founder and CEO Mike Fey outlines how the enterprise browser is evolving through AI, SASE and hyperscaler investments to enhance governance, reduce backhaul traffic and support secure access across diverse industries such as healthcare and finance.

Phishing Emails Disguise Malware as Contract Files
A Russian cybersecurity company is warning that hackers are targeting Russia's industrial sector using a previously undocumented spyware, reeling them in with contract-themed emails lures. Kaspersky dubbed the spyware "Batavia." but doesn't attribute the campaign to a threat actor.

Impersonation Hoax Leverages Top Officials' Known Use of Commercial Messaging App
Security analysts tell Information Security Media Group more impersonation scams fueled by artificial intelligence - like the recent one involving Secretary of State Marco Rubio - may increasingly target top U.S. officials if the government continues failing to enforce strict security protocols.

《关键信息基础设施商用密码使用管理规定》已经2025年4月21日国家密码管理局局务会议审议通过，并经国家互联网信息办公室、公安部同意，现予公布，自2025年8月1日起施行。

OS漏洞分类新突破！ 传统NVD分类粗、错、慢。摄星玄猫重构全球OS资产漏洞分类，动态更新、覆盖更广，实现漏洞精准定位与分责修复。

随着各组织争相采用 agentic AI，安全负责人必须正视日益增长的“隐形威胁”和全新攻击路径。虽然 agentic AI 看似令人欣喜，但它携带的安全隐患不容忽视。

当前环境异常，需完成验证后方可继续访问。

当前环境异常，请完成验证以继续访问。

当前环境出现异常状态，需完成验证后方可继续访问。

A vulnerability was found in Linux Kernel up to 6.15.2. It has been rated as critical. Affected by this issue is the function rtnl_create_link in the library include/net/netdev_lock.h. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-38271. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.33/6.15.2/6.16-rc1. It has been declared as problematic. Affected by this vulnerability is the function napi_complete of the file net/core/dev.c of the component net. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-38270. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.33/6.15.2. It has been classified as critical. Affected is the function btrfs_convert_extent_bit of the component btrfs. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-38269. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.33/6.15.2 and classified as critical. This issue affects the function tcpm_queue_vdm_unlocked of the component DisplayPort Alt Mode Driver. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2025-38268. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.15.2 and classified as critical. This vulnerability affects the function wait_entry_unlocked_exclusive of the component fs. The manipulation leads to excessive iteration. This vulnerability was named CVE-2025-38276. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.