Aggregator

日本鹿儿岛县奄美大岛近海附近海域近期观察到一群抹香鲸仰头以“站立”姿态睡觉。奄美海洋生物研究会会长兴克树 6 月 23 日在该岛以西约 15 公里的海域发现并拍摄了这一景象。兴克树回忆称，“这是迄今见过的最大鲸群，也是第一次看到它们的睡姿。非常感动。”兴克树称，在距海面约 3 米深处发现的约 20 头鲸群中，中央的四五头处于类似站着睡觉的状态。身体最长约 14 米。抹香鲸睡眠时间为每天中的近 2 小时，能够遇到这一瞬间十分珍贵。

一款帮助开发者选择颜色并获得 Google 验证徽章的取色器 (color pickers) 扩展看似无害，但安全研究人员称它会劫持浏览器会话、追踪网络活动，在受害者浏览器上植入后门。这款名为 Geco 扩展的下载量逾 10 万次，有 800 条评论，获得 4.2/5 星评价，安全公司 Koi Security 的研究人员称这是名为 RedDirection 的劫持浏览器的网络攻击行动的一部分，该行动涉及 18 个恶意扩展，逾 230 万 Chrome 和 Edge 用户受到影响。研究人员称，这些扩展最初不包含恶意代码，因此能获得 Google 的认证，它们是在后续更新中加入恶意代码的。

多模态知识处理黑科技，360 AI企业知识库加速数字化升级

360发布6月勒索软件流行态势报告，揭示双重勒索攻击格局重构

速修复

速修复

A tutorial on building serverless applications using Fermyon Spin and htmx, demonstrating a shopping list app with a Rust back end and htmx-enhanced front end.

Scale Spin apps on Kubernetes using SpinKube and KEDA for event-driven autoscaling based on Amazon SQS queue metrics.

In the previous parts of this series, we've explored the exciting new ways Large Language Models (LLMs) can integrate with APIs and act as intelligent As we integrate LLMs deeper into our applications, the attack surface naturally expands.

Всего несколько тапов — и вы сами дали хакерам все разрешения.

Currently trending CVE - Hype Score: 4 - Next.js is a React framework for building full-stack web applications. From versions 15.0.4-canary.51 to before 15.1.8, a cache poisoning bug leading to a Denial of Service (DoS) condition was found in Next.js. This issue does not impact customers hosted on Vercel. Under certain ...

Zero Data Retention offers a new path forward. One that enables intelligent automation, deep integrations and real-time workflows — without the baggage of persistent data storage

The post What is Zero Data Retention and Why it May Be the Future of Secure Automation appeared first on Security Boulevard.

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

Militairen hebben de afgelopen 2 weken 106 drones onschadelijk gemaakt boven marinekazerne Suffisant op Curaçao. De beveiliging van het luchtruim was nodig vanwege de spraakmakende Themis-strafzaak die daar plaatsvond. Een overzicht van Defensieoperaties in de week van 2 tot en met 8 juli 2025.

The addition of a backdoor to the Atomic macOS Stealer marks a pivotal shift in one of the most active macOS threats, said Moonlock

Apache Tomcat has addressed three critical denial-of-service (DoS) vulnerabilities that could allow malicious actors to disrupt web applications and services.  These security flaws, tracked as CVE-2025-52434, CVE-2025-52520, and CVE-2025-53506, affect all Apache Tomcat versions from 9.0.0.M1 to 9.0.106.  The vulnerabilities exploit different attack vectors, including HTTP/2 protocol weaknesses, file upload mechanisms, and stream handling capabilities.  […]

The post Multiple Apache Tomcat Vulnerabilities Let Attackers Trigger DoS Attacks appeared first on Cyber Security News.

两行代码致 VS Code 扩展遭供应链攻击

看雪论坛作者ID：asciibase64