Aggregator
研究认为霸王龙的大型化始于亚洲
2 months 4 weeks ago
日本北海道大学研究团队在《自然》上发表研究成果,指出体重不到约 500 公斤的中间型的暴龙在以几百万年为单位在亚洲和北美大陆之间迁徙的过程中,朝着体重达到约 1 吨以上的大型化方向进化。此前的观点是认为体型增大仅发生在北美。研究团队报告在蒙古约 9300 万至 8300 万年前地层中发现了中间型暴龙化石,将其新命名为“Khankhuuluu mongoliensis”。他们推测完成大型化的暴龙的祖先起源于亚洲,最晚在约 8600 万年前迁徙至北美,然后最晚在约 7800 万年前迁徙至亚洲,在约 7300 万年至约 6700 万年前再次迁徙至北美。迁徙的理由尚不清楚,团队表示将进一步研究。
ИИ лечит душу, а потом отправляет её в облако — вместе со всеми секретами
2 months 4 weeks ago
Когда разговор с ботом заканчивается больничной койкой.
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
2 months 4 weeks ago
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a […]
The post Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Kaaviya
两名欧洲记者的手机感染了以色列间谍软件 Paragon
2 months 4 weeks ago
2025 年 4 月 29 日苹果通知部分 iOS 用户,称他们成为先进间谍软件的攻击目标。加拿大多伦多大学公民实验室对两位欧洲记者 iPhone 手机进行的分析证实,他们遭到了以色列公司 Paragon 的间谍软件 Graphite 的攻击。苹果表示它已经释出了 iOS 18.3.1 缓解了部署间谍软件利用的零点击攻击,该漏洞被分配了编号 CVE-2025-43200。被攻击的两名欧洲记者一人要求匿名,另一人是意大利记者 Ciro Pellegrino。攻击发生在 2025 年 1 月到 2 月初之间,当时 iPhone 运行的是 iOS 18.2.1系统。Pellegrino 的同事、Fanpage.it 网站编辑 Francesco Cancellato 于 2025 年 1 月收到 WhatsApp 通知称遭到 Graphite 间谍软件的攻击。这起攻击可能与意大利政府有关。
Qilin
2 months 4 weeks ago
You must login to view this content
cohenido
Qilin
2 months 4 weeks ago
You must login to view this content
cohenido
Qilin
2 months 4 weeks ago
You must login to view this content
cohenido
Qilin
2 months 4 weeks ago
You must login to view this content
cohenido
CVE-2025-29902 | Telex Remote Dispatch Console Server code injection (EUVD-2025-18259)
2 months 4 weeks ago
A vulnerability was found in Telex Remote Dispatch Console Server. It has been classified as very critical. Affected is an unknown function. The manipulation leads to code injection.
This vulnerability is traded as CVE-2025-29902. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-29902 | RTS VLink Virtual Matrix Software code injection (EUVD-2025-18259)
2 months 4 weeks ago
A vulnerability was found in RTS VLink Virtual Matrix Software. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to code injection.
This vulnerability is known as CVE-2025-29902. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Scale AI 亚历山大·王的创业法则:人类计算资源可像计算机一样编排,吴恩达一观点毁掉红杉投资,YC创始人一句话带来商业灵感
2 months 4 weeks ago
Meta正式宣布投资近150亿美元收购Scale AI 49%股份,同时聘请其创始人亚历山大·王领导全新的"超级智能"实验室。25岁的亚历山大·王是华裔天才创业者,19岁从MIT辍学创立Scale AI,专注为AI模型提供高质量数据标注服务,八年内将公司发展为估值138亿美元的AI独角兽,被誉为"AI模型的数据工厂",为OpenAI、Meta、Google等主要AI公司提供数据服务。在最新访谈中,亚历山大·王分享了创业方法论:强调认知套利能力比技术更重要,专注度是创业公司对抗科技巨头的核心优势,企业销售中感知比现实更重要。他指出当前AI发展面临数据墙困境,合成数据无法完全解决问题,未来需要人类生成数据与计算资源同步指数级增长,这为Scale AI等数据基础设施公司带来巨大机遇。
CVE-2013-5660 | Powersoftware WinArchiver 3.2 Flow memory corruption (ID 121512 / EDB-25131)
2 months 4 weeks ago
A vulnerability was found in Powersoftware WinArchiver 3.2. It has been rated as very critical. Affected by this issue is some unknown functionality of the component Flow. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2013-5660. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-49183 | SICK Media Server REST API cleartext transmission (EUVD-2025-18186)
2 months 4 weeks ago
A vulnerability classified as problematic has been found in SICK Media Server. Affected is an unknown function of the component REST API. The manipulation leads to cleartext transmission of sensitive information.
This vulnerability is traded as CVE-2025-49183. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-49182 | SICK Media Server up to 1.4 authorization (EUVD-2025-18174)
2 months 4 weeks ago
A vulnerability was found in SICK Media Server up to 1.4. It has been classified as problematic. Affected is an unknown function. The manipulation leads to missing authorization.
This vulnerability is traded as CVE-2025-49182. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
使用python生成添加管理员账户的exe
2 months 4 weeks ago
在渗透测试中,针对Windows服务器获取webshell后一般会考虑新建管理员账号(当然某些情况下可以直接读密码)登录rdp方便渗透,所以考虑自己做个免杀的exe来添加用户。
CVE-2025-2843 | rhobs observability-operator privilege escalation
2 months 4 weeks ago
A vulnerability was found in rhobs observability-operator and classified as critical. This issue affects some unknown processing. The manipulation leads to privilege escalation.
The identification of this vulnerability is CVE-2025-2843. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
量子+区块链!迄今最“可信”的随机数生成器发布
2 months 4 weeks ago
《Nature》期刊最新报道
工信部:AI绘图工具ComfyUI多个安全漏洞已被用于实施网络攻击
2 months 4 weeks ago
ComfyUI工具5个安全漏洞已被用于实施网络攻击。
CVE-2024-38824 | VMware SALT prior 3006.12/3007.4 Cache Directory recv_file path traversal (EUVD-2024-54682)
2 months 4 weeks ago
A vulnerability has been found in VMware SALT and classified as critical. This vulnerability affects the function recv_file of the component Cache Directory Handler. The manipulation leads to path traversal.
This vulnerability was named CVE-2024-38824. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com