Aggregator

奇安信威胁情报中心发现，新海莲花组织APT-Q-31近期重新活跃，并采用MSI文件滥用的新手法，这是首次在国内针对政企的APT活动中捕获到该技术的使用。海莲花的两个攻击集合共享攻击资源，但TTP完全不同。上次新海莲花的活跃是2023年末。

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding

Куда ведут следы похищенных из Git данных?

根据 GitHub 的年度开发者报告，Python 取代 JavaScript 成为 GitHub 最受欢迎的语言，而印度将在 2028 年超过美国成为 GitHub 开发者人数最多的国家。GitHub 称 AI 并没有取代程序员的工作，而是推动了更多人用他们的母语写代码。2024 年 GitHub 上生成式 AI 项目贡献量增长 59%，项目总数增长 98%，许多贡献来自印度、德国、日本和新加坡等国。美国开发者人数仍然最多，其次是印度、中国、巴西、英国、俄罗斯、德国、印度尼西亚、日本和加拿大。GitHub 目前有 5.18 亿个项目，同比增长 25%。

A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The identification of this vulnerability is CVE-2024-10766. The attack may be initiated remotely. Furthermore, there is an exploit available. The initial researcher disclosure contains confusing vulnerability classes and file names.

今年9月份EdgeOne Pages低调上线了！该功能基于EdgeOne边缘安全加速，提供了静动态WEB平台的部署。EdgeOne是腾讯云最近几年比较力推的服务，提供国内版和海外版。 本文主要演...

梆梆安全成为中国网络空间安全协会个人信息保护专业委员会首批成员单位 日期：2024年11月04日 阅：27

梆梆安全出席2024中韩个人信息合作论坛 多维度阐述个人信息保护策略 日期：2024年11月04日 阅：26

A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument old_image leads to unrestricted upload. This vulnerability was named CVE-2024-10765. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-10764. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #436478 / VDB-282953

学校：academy europe open university （欧洲开放大学） 网址：https://www.academyeurope.org/ 免费学习后进去刷题，160题刷完就给MB...

Submit #436520 / VDB-282952

Submit #436477 / VDB-282951

Пентагон предупреждает о высокой вероятности конфликтов на орбите.

Researchers at Google said on Friday that they have discovered the first vulnerability using a larg

Several UK council websites are back online after being disrupted by Russian hacktivist DDoS attacks

A vulnerability, which was classified as critical, was found in MGinternet Property Site Manager. Affected is an unknown function of the file detail.asp. The manipulation of the argument Username leads to sql injection. This vulnerability is traded as CVE-2006-6709. It is possible to launch the attack remotely. Furthermore, there is an exploit available.