Aggregator

Mozilla addressed a critical vulnerability, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Mozilla has released security updates to address a critical flaw, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Recently, Google addressed a similar vulnerability, tracked as CVE-2025-2783, in Chrome that has been actively exploited in the wild as a zero-day. […]

Китай запускает закон о контроле за распознаванием лиц.

随着数字技术的发展和治理体系的现代化，公共场所视频图像采集已成为公共安全治理的必要手段，其积极作用为广大民众认可，但与之相伴的国家数据信息安全和个人隐私保护问题也成为社会广泛关注的焦点。

随着量子技术的飞速发展和人工智能的广泛应用，量子人工智能这一前沿领域的伦理问题日益引起国际社会的广泛关注。我国政府高度重视量子人工智能的发展，将其列为战略性新兴产业。

近日，国家互联网信息办公室、公安部联合公布了《人脸识别技术应用安全管理办法》，针对人脸识别技术的应用提出了系统化的规范指引，旨在应对人脸识别技术滥用，完善治理机制，保护个人信息权益，维护社会秩序和公共安全。

2022年以来，国内外生成式人工智能大模型快速迭代发展，改变了传统的内容生产与信息传播范式。与此同时，生成式人工智能带来的深度伪造、虚假信息等潜在风险进入国际社会规制视野，各国纷纷采取措施应对。

2025年，四部门进一步深入治理常用服务产品和常见生活场景中存在的违法违规收集使用个人信息典型问题，切实维护人民群众在网络空间合法权益，着力提升人民群众满意度、获得感。

意见反馈截止时间为2025年4月27日。

速更新

这起软件供应链攻击的幕后动机尚不明确

这起软件供应链攻击的幕后动机尚不明确

速更新

这起软件供应链攻击的幕后动机尚不明确

速更新

这起软件供应链攻击的幕后动机尚不明确

A vulnerability has been found in KDDI HGW BL1500HM up to 002.001.013 and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-28041. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in LearnDash LMS Plugin up to 4.20.0.1 on WordPress. This affects an unknown part. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-24662. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in DESCOR INFOCAD up to 3.5.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2025-26852. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in DESCOR INFOCAD up to 3.5.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Authorization Schema. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2025-26853. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.