Aggregator
奥尔特曼“邀请”马斯克参加GPT-5.5派对
1 month 2 weeks ago
在经历了在法庭上的激烈交锋后,OpenAI CEO萨姆·奥尔特曼周六向其竞争对手埃隆·马斯克摆出了一个出人意料的姿态,即便这还称不上是全心全意的示好。OpenAI计划在5月5日为其最新模型GPT-5.
传小米新 SU7 锁单突破 7 万;微信输入法测「隔空发图」功能;豆包二代 AI 手机上半年发布 | 极客早知道
1 month 2 weeks ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
传小米新 SU7 锁单突破 7 万;微信输入法测「隔空发图」功能;豆包二代 AI 手机上半年发布 | 极客早知道
1 month 2 weeks ago
即将超越英伟达,谷歌母公司 Alphabet 市值已达 4.6 万亿美元;谷歌将为 Gemini 投放广告,目前处于准备阶段;苹果 iOS 27 将重心转向 AI,Siri 迎来独立 App 并将深度整合到相机应用中
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
1 month 2 weeks ago
TrendAI™ Research breaks down Quasar Linux (QLNX), a previously undocumented sophisticated Linux RAT with low detection rates. In this blog, we examine a full-featured Linux threat incorporating a rootkit, a PAM backdoor, credential harvesting, and more, revealing how this malware enables stealthy access, persistence, and potential supply-chain attacks.
Aliakbar Zahravi
[webapps] Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)
1 month 2 weeks ago
Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)
[local] Windows 11 24H2 - Local Privilege Escalation
1 month 2 weeks ago
Windows 11 24H2 - Local Privilege Escalation
[webapps] MindsDB 25.9.1.1 - Path Traversal
1 month 2 weeks ago
MindsDB 25.9.1.1 - Path Traversal
[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
1 month 2 weeks ago
Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
[local] Linux nf_tables 6.19.3 - Local Privilege Escalation
1 month 2 weeks ago
Linux nf_tables 6.19.3 - Local Privilege Escalation
[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
1 month 2 weeks ago
Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
Instructure confirms data breach, ShinyHunters claims attack
1 month 2 weeks ago
Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. [...]
Lawrence Abrams
ChatGPT advanced account security adds passkeys and hardware keys
1 month 2 weeks ago
Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips password-based sign-in from ChatGPT and Codex accounts and replaces it with passkeys or physical security keys. What enrollment changes Enrolled accounts use passkeys or hardware security keys for sign-in, with password login disabled. Email and SMS account recovery are removed, … More →
The post ChatGPT advanced account security adds passkeys and hardware keys appeared first on Help Net Security.
Anamarija Pogorelec
Aur0ra
1 month 2 weeks ago
You must login to view this content
cohenido
CVE-2026-34282 | Oracle Java SE/GraalVM for JDK/GraalVM Enterprise Edition Networking denial of service (Nessus ID 309659 / WID-SEC-2026-1201)
1 month 2 weeks ago
A vulnerability was found in Oracle Java SE, GraalVM for JDK and GraalVM Enterprise Edition. It has been rated as problematic. This impacts an unknown function of the component Networking. The manipulation leads to denial of service.
This vulnerability is documented as CVE-2026-34282. The attack can be initiated remotely. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-33601 | PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0 zoneToCache null pointer dereference (WID-SEC-2026-1225)
1 month 2 weeks ago
A vulnerability, which was classified as problematic, was found in PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0. Impacted is the function zoneToCache. The manipulation results in null pointer dereference.
This vulnerability is identified as CVE-2026-33601. The attack can be executed remotely. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-33600 | PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0 null pointer dereference (WID-SEC-2026-1225)
1 month 2 weeks ago
A vulnerability was found in PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0. It has been declared as problematic. This impacts an unknown function. Executing a manipulation can lead to null pointer dereference.
This vulnerability is registered as CVE-2026-33600. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-24729 | CKEditor4 up to 4.17.x Dialog Plugin resource consumption (GHSA-f6rf-9m92-x2hh / EUVD-2022-29580)
1 month 2 weeks ago
A vulnerability, which was classified as problematic, has been found in CKEditor4 up to 4.17.x. This affects an unknown part of the component Dialog Plugin. The manipulation leads to resource consumption.
This vulnerability is traded as CVE-2022-24729. It is possible to initiate the attack remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2022-24695 | Bluetooth Core up to 5.3 Non-Discoverable Mode information disclosure (EUVD-2022-29562 / Nessus ID 260192)
1 month 2 weeks ago
A vulnerability identified as problematic has been detected in Bluetooth Core up to 5.3. Affected by this issue is some unknown functionality of the component Non-Discoverable Mode. The manipulation leads to information disclosure.
This vulnerability is documented as CVE-2022-24695. The attack requires being on the local network. There is not any exploit available.
vuldb.com
CVE-2022-24675 | Google Go up to 1.8.0/1.17.8 encoding-pem stack-based overflow (EUVD-2022-29547 / Nessus ID 211345)
1 month 2 weeks ago
A vulnerability was found in Google Go up to 1.8.0/1.17.8 and classified as critical. This affects an unknown part of the component encoding-pem. Executing a manipulation can lead to stack-based buffer overflow.
The identification of this vulnerability is CVE-2022-24675. The attack needs to be done within the local network. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com