Aggregator

Чем умнее машина, тем критичнее для неё каждая миллисекунда задержки сигнала.

算法战争：从美以对伊行动，看AI+情报的绝对价值 by ourren

Dr. Claw: 面向科研全流程的通用 AI 研究助手 by ourren

2025太空安全报告 by ourren

从AIIDE的架构演进，洞察AI工程化的设计逻辑 by ourren

Learn Claude Code -- 真正的 Agent Harness 工程 by ourren

ground-station:开源一站式卫星追踪与信号本地解码工具包 by ourren

更多最新文章，请访问SecWiki

Microsoft has acknowledged a significant bug introduced by its March 2026 cumulative update that is preventing users from signing into Microsoft Teams Free, OneDrive, and several other Microsoft applications on Windows 11 devices. The issue, tied to the KB5079473 update released on March 10, 2026, has left affected users locked out of their accounts despite […]

The post Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins appeared first on Cyber Security News.

This week’s threat landscape highlights the evolving sophistication of threat actors, who are increasingly targeting newly disclosed and unpatched vulnerabilities. […]

The post Weekly Threat Landscape Digest – Week 12 appeared first on HawkEye.

世界第一台通用计算机 ENIAC（代表 Electronic Numerical Integrator And Computer 或电子数值积分计算机） 诞生八十周年。1946 年 2 月 15 日宾夕法尼亚大学 Moore 电气工程学院研发的 ENIAC 首次公开亮相。以今天的标准，ENIAC 相当原始，但其纯电子设计和可编程性在当时是计算机领域的突破性进展。ENIAC 使高速通用计算成为可能，为现代计算机奠定了基础。过去八十年，计算机领域已发展成为一个庞然大物、成为现代经济增长的引擎。ENIAC 最初是为美国陆军加速计算火炮的火力表而研发的，包含了 17468 个电子管，由 80 台鼓风机进行冷却，重达 27 吨（30 美吨），耗电量相当于一个小镇，它于 1955 年 10 月 2 日运行九年后退役。

КПРФ потребовала объяснить логику белых списков.

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities. The security defect, tracked as CVE-2026-33017 (CVSS score: 9.3), is a case of missing authentication combined with code injection that could result in remote code execution. "The POST /api/v1

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. [...]

A sweeping cyberattack campaign has compromised more than 7,500 Magento-powered e-commerce websites since late February 2026, with attackers uploading hidden malicious files into publicly accessible web directories across thousands of domains. The attack has spread to over 15,000 hostnames, affecting commercial brands, government agencies, universities, and non-profit organizations spanning multiple countries, making it one of […]

The post Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data appeared first on Cyber Security News.

Это самая мощная из авиационных проникающих бомб в арсенале страны.

From golden images to agent governance, Chainguard Assemble 2026 focused on how teams can reduce risk by embedding trust, compliance, and security into delivery systems.

The post Chainguard Assemble 2026 and the Security Factory Mindset appeared first on Security Boulevard.

Author, Creator & Presenter: Scott Piper - Principal Cloud Security Researcher at Wiz

Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations' YouTube Channel.

Permalink

The post BSidesSLC 2025 – Getting Things Fixed – Keynote On Security Wins (And Fails) appeared first on Security Boulevard.

预印本平台 arXiv.org 将于 7 月 1 日脱离康奈尔大学成立独立的非营利性公司，它正在招募 CEO。过去两年因为 AI 以及 AI 相关领域的火热 arXiv 收到的投稿数量激增，员工人数也增长到 27 人，导致出现了运营赤字，康奈尔大学帮助支付了超支。但 arXiv 在资金需求上与康奈尔内部项目存在竞争，而它在寻求赞助时对方会担心通过康奈尔捐赠的资金无法直接用于 arXiv 项目，成立独立机构就是为了解决该问题。此举有助于 arXiv 从更多的捐赠者手中直接筹集到用于该平台的资金，也有助于它解决投稿中的 AI slop 问题。分拆和独立运营是 arXiv 创始人、物理学家 Paul Ginsparg 最早提出的，Ginsparg 一直想退出和退休，独立运营也有助于他彻底放手。

A vulnerability classified as problematic has been found in Zimbra Collaboration Suite 10.0/10.1. This affects an unknown function of the file /h/rest of the component Webmail REST Interface. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-33368. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as problematic has been identified in Zimbra Collaboration Suite 10.0/10.1. The impacted element is an unknown function of the component Briefcase Feature. Executing a manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2026-33370. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as problematic has been reported in Zimbra Collaboration Suite 10.0/10.1. The affected element is an unknown function of the component Request Header Handler. Performing a manipulation results in cross-site request forgery. This vulnerability was named CVE-2026-33372. The attack may be initiated remotely. There is no available exploit.

A vulnerability labeled as problematic has been found in Zimbra Collaboration Suite 10.0/10.1. Impacted is an unknown function of the component Exchange Web Service. Such manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2026-33371. The attack can be launched remotely. No exploit exists.

A vulnerability identified as critical has been detected in Zimbra Collaboration Suite 10.0/10.1. This issue affects some unknown processing of the component Mailbox SOAP Service. This manipulation causes ldap injection. This vulnerability is handled as CVE-2026-33369. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The manipulation results in injection. This vulnerability is known as CVE-2026-4516. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.