Aggregator

奥尔特曼“邀请”马斯克参加GPT-5.5派对

不安全
1 month 3 weeks ago
在经历了在法庭上的激烈交锋后,OpenAI CEO萨姆·奥尔特曼周六向其竞争对手埃隆·马斯克摆出了一个出人意料的姿态,即便这还称不上是全心全意的示好。OpenAI计划在5月5日为其最新模型GPT-5.

Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities

Trend Micro Research, News and Perspectives
1 month 3 weeks ago
TrendAI™ Research breaks down Quasar Linux (QLNX), a previously undocumented sophisticated Linux RAT with low detection rates. In this blog, we examine a full-featured Linux threat incorporating a rootkit, a PAM backdoor, credential harvesting, and more, revealing how this malware enables stealthy access, persistence, and potential supply-chain attacks.
Aliakbar Zahravi

ChatGPT advanced account security adds passkeys and hardware keys

Help Net Security
1 month 3 weeks ago

Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips password-based sign-in from ChatGPT and Codex accounts and replaces it with passkeys or physical security keys. What enrollment changes Enrolled accounts use passkeys or hardware security keys for sign-in, with password login disabled. Email and SMS account recovery are removed, … More →

The post ChatGPT advanced account security adds passkeys and hardware keys appeared first on Help Net Security.

Anamarija Pogorelec

CVE-2026-34282 | Oracle Java SE/GraalVM for JDK/GraalVM Enterprise Edition Networking denial of service (Nessus ID 309659 / WID-SEC-2026-1201)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in Oracle Java SE, GraalVM for JDK and GraalVM Enterprise Edition. It has been rated as problematic. This impacts an unknown function of the component Networking. The manipulation leads to denial of service. This vulnerability is documented as CVE-2026-34282. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-33601 | PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0 zoneToCache null pointer dereference (WID-SEC-2026-1225)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as problematic, was found in PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0. Impacted is the function zoneToCache. The manipulation results in null pointer dereference. This vulnerability is identified as CVE-2026-33601. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-33600 | PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0 null pointer dereference (WID-SEC-2026-1225)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0. It has been declared as problematic. This impacts an unknown function. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2026-33600. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-24729 | CKEditor4 up to 4.17.x Dialog Plugin resource consumption (GHSA-f6rf-9m92-x2hh / EUVD-2022-29580)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as problematic, has been found in CKEditor4 up to 4.17.x. This affects an unknown part of the component Dialog Plugin. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2022-24729. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

Managed ad