Aggregator

近日，Oracle官方发布了多个安全漏洞的公告，其中Oracle产品本身漏洞110个，影响到Oracle产品的其他厂商漏洞345个。

2026年4月23日，国家信息安全漏洞库（CNNVD）在北京举办“国家人工智能安全漏洞库正启动运行”发布会。

智能情报驱动，以AI治理AI。新一代数字供应链安全治理体系再闭环，智能守护“AI 数字员工”！

近日，绿盟科技CERT监测到Xinference在PyPI仓库遭受了供应链投毒，攻击者通过窃取Xinference维护人员的PyPI发布权限凭证，于北京时间4月22日连续发布了3个植入木马的恶意版本，影响范围较广，请相关用户尽快采取措施进行排查与防护。

The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.

The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.

鹏城-西电计算机联培｜沈玉龙&谢国锐老师招收AI+计算机网络方向博士生

战意渐浓！

消息称微软 GitHub Copilot 将转向按 Token 计费；特斯拉：第三代人形机器人预计年中亮相；宇树科技展示轮足人形机器人

赋能交通运输行业数字化、智能化转型。

2026年04月23日（現地時間）、米国CISAがCISA ICS Advisory / ICS Medical Advisoryを公表しました。

过去很多年，谈中国能源转型，大家首先想到的是光伏、风电和新能源汽车。

AMA Wants Privacy, Security AI Tool Protections, Especially in Mental Health
The American Medical Association says using artificial intelligence chatbots carries risks - including data privacy and security breaches - and the largest U.S. professional association for physicians and medical students is urging Congress to take action to protect patients from potential harm.

Berlin Proposes 3 Month Requirement to Store IP Addresses
The German government says it's unlocked the secret to passing a law that would require internet service providers to keep customer data without running afoul of privacy and security concerns that sunk earlier attempts. Critics say that's impossible

Recent Package Compromises Pushed Software Component Trust to the Security Agenda
Cloudsmith raised a $72 million Series C led by TCV to expand policy enforcement, auditability and real-time package risk analysis as CISOs focus more closely on software supply-chain threats tied to open-source dependencies, AI-assisted development and compromised artifacts.