Aggregator

全球首台超临界二氧化碳发电机组“超碳一号”在贵州六盘水首钢水钢集团投入商业运行，这是全球范围内首次将超临界二氧化碳发电技术从实验室推向商业落地。不论是火电还是核电，原理都类似于“烧开水”，就是用热量将水变为水蒸气，推动汽轮机转动来发电。但超临界二氧化碳发电技术是一种革新型热电转换技术。这一技术是把温度超过 31 摄氏度、压力升高至 73 个大气压以上环境中的超临界二氧化碳作为循环工质，将其送进发电系统里，再通过压缩机和换热器提高超临界二氧化碳的压力和温度，让高温高压的二氧化碳推动透平旋转，进而产生电能。相比现役烧结余热蒸汽发电技术，“超碳一号”发电效率提升 85% 以上，净发电量提升 50% 以上。

握紧AI时代业务增长的“入场券”

Lockbit新变种Aware借僵尸网络突袭，360终端安全智能体秒破“攻击密码”

企业AI应用遭数据投毒、提示注入、模型窃取等九类攻击，CISO需制定前瞻性安全策略应对。

美军网络官员称进攻性网络行动未来将发挥辅助性军事效用

数据来源目前还难以判断

Debian 13.3 is the third maintenance update for the stable Debian 13 distribution, codenamed “trixie”. It updates package content to address security and other issues reported since the last point update. This release includes more than 100 adjustments and multiple security patches across a range of packages. It includes updates for core services and applications such as Apache HTTP Server, GNOME components, and container tools. Existing systems running Debian 13 can install the 13.3 update … More →

The post Debian 13.3 is now available with targeted corrections, updates appeared first on Help Net Security.

Пока учителя ждут устранения последствий взлома, учащиеся радуются неожиданной передышке.

A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online

Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and September 2025, Recorded Future’s Insikt Group observed Russia-linked group APT28 (aka UAC-0001, Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) running credential-harvesting campaigns. Targets included Turkish energy and nuclear agency staff, European think tank personnel, and organizations […]

Linus Torvalds 在 GitHub 上公开了名为 AudioNoise 的随机数字音效个人项目，他在 README 文件中透露使用了 Google 的 AI 驱动 IDE 工具 Antigravity 进行了辅助编程——或者叫 Vibe Coding。Antigravity 是 Windsurf 的分支，而 Windsurf 则是微软 VS Code 的分支。

A vulnerability categorized as critical has been discovered in MediaTek MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792 and MT8793. Affected is an unknown function of the component Display. Such manipulation leads to double free. This vulnerability is uniquely identified as CVE-2025-20772. Local access is required to approach this attack. No exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability described as critical has been identified in Archer RSA Archer 6.11.00204.10014. This impacts an unknown function. Such manipulation leads to csv injection. This vulnerability is referenced as CVE-2025-50572. It is possible to launch the attack remotely. No exploit is available.

Explore the troubling trend of teenagers being recruited into hacking groups, the challenges in countering this rise, and the efforts to redirect their skills towards ethical hacking.

The post We’re Hiring: Hacking Groups Recruit Teens While Feds Want to Ground Them  appeared first on Security Boulevard.

Defensie heeft de foodsector broodnodig om een crisissituatie het hoofd te kunnen bieden. Dat liet luitenant-generaal Jan-Willem Maas, commandant van het Defensie Ondersteuningscommando, vandaag weten bij het brunchcongres van FoodService Instituut Nederland. Daar waren 500 foodserviceprofessionals naartoe gekomen.

Gavin Webb from the National Crime Agency receives the OBE award from King Charles for his strategic role in Operation Cronos, disrupting the LockBit ransomware group.

The post Operation Cronos Leader Gets Nod From King Charles  appeared first on Security Boulevard.

最近遇到一个web网站，流量是通过js的加密的，于是设计了一套较为通用的流量js hook配置burp的流量加

Переход по ссылке в Telegram приводит к раскрытию реального местоположения пользователя из-за ошибки в коде.

YunSeeIRs 应急响应工具