Chromium项目史上最大规模:Chrome 148一次性修复127个漏洞
Chrome 148修复127个漏洞|3个Critical含CVSS9.3 V8越界读写|2026年已修补4个零日|海莲花等APT组织关联风险
Aggregator
波兰安全机构报告:五家水处理厂工业控制系统遭入侵
1 month 2 weeks ago
波兰国内安全局(ABW)记录显示,2024 年至 2025 年间,针对工业控制系统(ICS)及其他运营技术(OT)基础设施的网络攻击显著升级,国家支持的威胁行为者愈发倾向于对关键服务进行实质破坏。 2025 年 8 月,一位波兰官员透露,一场网络攻击险些导致一座城市供水中断,但该攻击最终被挫败,当时未公布相关技术细节。 波兰国内安全局的新报告(波兰语撰写)提供了更多该国...
hackernews
Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information
1 month 2 weeks ago
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requiring no action from end users or administrators. Microsoft’s Security Response Center published advisories for CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 as part of its ongoing commitment to transparency in […]
The post Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information appeared first on Cyber Security News.
Guru Baran
Zara 数据泄露,19.7 万人个人信息遭曝光
1 month 2 weeks ago
据数据泄露通知服务平台 “我是否被入侵”(Have I Been Pwned)消息,入侵西班牙快时尚零售商 Zara 数据库的黑客,窃取了超过 19.7 万名顾客的数据。 Zara 在全球拥有 1500 多家公司直营和特许经营门店,是全球最大的时尚分销集团之一 Inditex 集团的旗舰品牌。Inditex 集团还拥有 Bershka、Zara Home、Oy...
hackernews
NVIDIA 证实 GeForce NOW 发生数据泄露,亚美尼亚用户受影响
1 month 2 weeks ago
NVIDIA 在给 BleepingComputer 的一份声明中证实,GeForce NOW 用户信息在一次数据泄露事件中被曝光。 这家游戏与硬件巨头澄清称,受影响范围仅限于亚美尼亚,事件起因是其一家区域合作伙伴运营的基础设施遭到破坏。 该公司还补充表示,自身网络未受此次事件影响。 NVIDIA 称:“我们的调查显示,NVIDIA 运营的服务...
hackernews
版块上线 | 奇安信攻防社区AI安全工具版块发布,文末抽新款T恤
1 month 2 weeks ago
奇安信攻防社区AI安全工具版块上线~
AI+软件供应链安全领航者丨悬镜安全持续引领《2026 中国 AI 赋能网络安全全景图》
1 month 2 weeks ago
实力登顶!悬镜安全持续引领数说安全全景图,位居 2026 AI 赋能软件供应链安全赛道榜首!
8 个高危漏洞拉响警报:Linux/Tomcat/ActiveMQ 等 4 月必修清单
1 month 2 weeks ago
腾讯云安全公布近期企业必修漏洞清单,共 8 个高危漏洞,涉及 Linux、Tomcat、ActiveMQ 等,请及时修复。
字节/滴滴/宁德时代/米哈游 等12个优质岗位直推
1 month 2 weeks ago
速看!新鲜发布的12个优质安全岗位!先到先推!
ACTF 2026|倒计时1天!
1 month 2 weeks ago
硅谷没有乌托邦:从马斯克诉 OpenAI 案,看资本、初心与 AGI 治理的终极冲突(DPO社群成员观点)
1 month 2 weeks ago
APT32组织利用软件供应链攻击,投递新型木马ZiChatBot
1 month 2 weeks ago
研究人员通过心理操控诱导Claude模型,使其给出了制造爆炸物的相关教程
1 month 2 weeks ago
这些AI攻击面,才是最难收敛的
1 month 2 weeks ago
攻击AI就靠这些
INC
1 month 2 weeks ago
You must login to view this content
cohenido
Anthropic 估值逼近 1 万亿美元;OpenAI 推出 Codex Chrome 扩展;消息称腾讯实习生大涨薪,百度「全员晋升」|极客早知道
1 month 2 weeks ago
OpenAI 推出 GPT-5.5-Cyber 预览版,面向安全团队限量开放;
苹果 CarPlay 接入马斯克的 Grok 模型,在车内和 AI 自然聊天;
OPPO 就母亲节宣传文案争议道歉:已第一时间下架全部相关物料
Cybercrime's Human Trafficking Problem
1 month 2 weeks ago
Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud Risks
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
Are AI driven attacks already inside your cloud environment
1 month 2 weeks ago
Live Webinar | Why Periodic Pentesting Can’t Keep Up And What Security Leaders Are Doing Instead
1 month 2 weeks ago
ISMG Editors: The Battle Over Access to Frontier AI Models
1 month 2 weeks ago
Also: Washington's AI Policy Divide, FDA's Push for AI-Driven Clinical Trials
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.