Sensitive French Government Agents’ Data Leaked on Darknet Forum
You must login to view this content
Aggregator
德国法庭裁决 TCL 的 QLED 不是真的 QLED
1 month 2 weeks ago
德国的一家法庭裁决 TCL 误导消费者,它的多款宣称“量子点电视(QLED)”的产品并不是真的 QLED,没有提供 QLED 电视应有的色彩还原。法院命令 TCL 停止在德国宣传或销售相关型号的电视机。相关诉讼由韩国公司韩松化学提起,它是 TCL 竞争对手三星的合作伙伴。韩松化学委托进行的测试显示,三款以量子点名义出售的 TV 都未检测出铟和镉,它们是不可或缺的量子点材料。TCL 对测试结果提出异议,称量子点含量因供应商而异,它公布了自己的测试结果。TCL 的测试结果与韩松化学的测试结果相矛盾,但双方采用了不同的测试方法:TCL 的测试侧重于其使用的量子点薄膜,而韩松化学测试的是 TCL 电视机。韩松化学在包括美国在内的多国提起了针对 TCL 的诉讼,另一家中国电视制造商海信也面临类似的诉讼。
CUDA Agent:面向高性能 CUDA 内核生成的大规模智能体强化学习
1 month 2 weeks ago
作者:Weinan Dai, Hanlin Wu, Qiying Yu等
译者:知道创宇404实验室翻译组
原文链接:https://arxiv.org/html/2602.24286v1
摘要
GPU内核优化是现代深度学习的基础,但仍是一项高度专业化的任务,需要深厚的硬件专业知识。尽管大语言模型(LLM)在通用编程任务中表现出色,但在CUDA内核生成方面,仍无法与基于编译器的系统(如tor...
The Global Takedown: Interpol’s Operation Synergia III Crushes 45,000 Malicious Servers
1 month 2 weeks ago
An international law enforcement crusade against cybercriminality has yielded monumental results. Constabularies spanning dozens of sovereign nations have
The post The Global Takedown: Interpol’s Operation Synergia III Crushes 45,000 Malicious Servers appeared first on Penetration Testing Tools.
ddos
Lazarus, AI, and Trust Abuse: Top Enterprise Cybersecurity Risks 2026
1 month 2 weeks ago
As part of a recent live expert panel, ANY.RUN together with threat researcher and ethical hacker Mauro Eldritch explored biggest security risks companies should be prepared for in 2026. The discussion covered several relevant cases, from the Lazarus IT Workers operation to the rapid rise of AI-driven phishing attacks, and examined the common thread behind them: trust abuse. Below are the key takeaways for those seeking a clearer view of […]
The post Lazarus, AI, and Trust Abuse: Top Enterprise Cybersecurity Risks 2026 appeared first on ANY.RUN's Cybersecurity Blog.
ANY.RUN
Capturing the Storm: British Tourist Arrested in Dubai After Filming Iranian Missile Barrage
1 month 2 weeks ago
In Dubai, a British national has been apprehended, facing accusations of transgressing local cybercrime ordinances. According to British
The post Capturing the Storm: British Tourist Arrested in Dubai After Filming Iranian Missile Barrage appeared first on Penetration Testing Tools.
ddos
The HoppingAnt Trail: Unmasking Operation CamelClone’s Global Diplomatic Siege
1 month 2 weeks ago
The specialists at Seqrite Labs have unearthed a sequence of cyberespionage incursions, christened Operation CamelClone. This campaign has
The post The HoppingAnt Trail: Unmasking Operation CamelClone’s Global Diplomatic Siege appeared first on Penetration Testing Tools.
ddos
The Infinite Variant: How “Promptmorphism” Uses AI to Shatter Traditional Malware Detection
1 month 2 weeks ago
Malefactors are increasingly harnessing large language models to rapidly rewrite malicious code. This stratagem, christened “promptmorphism,” facilitates the
The post The Infinite Variant: How “Promptmorphism” Uses AI to Shatter Traditional Malware Detection appeared first on Penetration Testing Tools.
ddos
Digital Vengeance: How the Handala “Stryker” Breach Redefined Global Cyber Warfare
1 month 2 weeks ago
Iran has ostensibly orchestrated the most colossal cyberattack against the United States amidst an active armed conflict in
The post Digital Vengeance: How the Handala “Stryker” Breach Redefined Global Cyber Warfare appeared first on Penetration Testing Tools.
ddos
Обогнали почти всех: Россия в тройке мировых лидеров по количеству кибератак
1 month 2 weeks ago
57 киберпреступных группировок активно работали против России в 2025 году.
The Search Engine Snare: How Storm-2561 Poisoned Google Results to Hijack VPN Credentials
1 month 2 weeks ago
The pursuit of a corporate VPN client across the digital expanse can culminate in the catastrophic exfiltration of
The post The Search Engine Snare: How Storm-2561 Poisoned Google Results to Hijack VPN Credentials appeared first on Penetration Testing Tools.
ddos
CVE-2026-4039 | OpenClaw 2026.2.19-2 Skill Env applySkillConfigenvOverrides code injection (GHSA-82g8-464f-2mv7)
1 month 2 weeks ago
A vulnerability was found in OpenClaw 2026.2.19-2. It has been declared as critical. This vulnerability affects the function applySkillConfigenvOverrides of the component Skill Env Handler. Executing a manipulation can lead to code injection.
This vulnerability is registered as CVE-2026-4039. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-4040 | OpenClaw up to 2026.2.17 File Existence tools.exec.safeBins information exposure (GHSA-6c9j-x93c-rw6j)
1 month 2 weeks ago
A vulnerability was found in OpenClaw up to 2026.2.17. It has been rated as problematic. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy.
This vulnerability is documented as CVE-2026-4040. The attack needs to be performed locally. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-3099 | GNOME libsoup SoupAuthDomainDigest nonce re-use
1 month 2 weeks ago
A vulnerability, which was classified as problematic, has been found in GNOME libsoup. Affected by this issue is the function SoupAuthDomainDigest. This manipulation causes reusing a nonce.
The identification of this vulnerability is CVE-2026-3099. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2026-3989 | SGLang up to 0.5.9 replay_request_dump.py pickle.load deserialization
1 month 2 weeks ago
A vulnerability, which was classified as critical, was found in SGLang up to 0.5.9. This affects the function pickle.load of the file replay_request_dump.py. Such manipulation leads to deserialization.
This vulnerability is referenced as CVE-2026-3989. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2026-2987 | specialk Simple Ajax Chat Plugin up to 20260217 on WordPress c cross site scripting
1 month 2 weeks ago
A vulnerability has been found in specialk Simple Ajax Chat Plugin up to 20260217 on WordPress and classified as problematic. This vulnerability affects unknown code. Performing a manipulation of the argument c results in cross site scripting.
This vulnerability is identified as CVE-2026-2987. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2026-0809 | Streamsoft Prestiż 18.1.376.37/18.2.377 weak password encoding
1 month 2 weeks ago
A vulnerability was found in Streamsoft Prestiż 18.1.376.37/18.2.377 and classified as problematic. This issue affects some unknown processing. Executing a manipulation can lead to weak encoding for password.
This vulnerability is tracked as CVE-2026-0809. The attack can be launched remotely. No exploit exists.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-2513 | Progress Flowmon ADS up to 12.5.4/13.0.2 Link cross site scripting
1 month 2 weeks ago
A vulnerability was found in Progress Flowmon ADS up to 12.5.4/13.0.2. It has been classified as problematic. Impacted is an unknown function of the component Link Handler. The manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2026-2513. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-2514 | Progress Flowmon ADS up to 12.5.4/13.0.2 cross site scripting
1 month 2 weeks ago
A vulnerability was found in Progress Flowmon ADS up to 12.5.4/13.0.2. It has been declared as problematic. The affected element is an unknown function. The manipulation results in cross site scripting.
This vulnerability is cataloged as CVE-2026-2514. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-21666 | Veeam Backup and Replication up to 12.3.1 access control (kb4830 / WID-SEC-2026-0709)
1 month 2 weeks ago
A vulnerability labeled as critical has been found in Veeam Backup and Replication up to 12.3.1. Affected is an unknown function. Executing a manipulation can lead to improper access controls.
This vulnerability appears as CVE-2026-21666. The attack may be performed from remote. There is no available exploit.
The affected component should be upgraded.
vuldb.com