Aggregator

新一代智能体：带着你的知识去解决问题！

Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day

Michael Smith, 54, of Cornelius, North Carolina, has pleaded guilty in federal court to running a scheme that exploited music streaming platforms and diverted royalty payments from artists. He admitted to one count of conspiracy to commit wire fraud, which carries a maximum sentence of five years in prison, and agreed to forfeit $8,091,843.64. According to U.S. Attorney for the Southern District of New York Jay Clayton, Smith used AI to generate hundreds of thousands … More →

The post Fake AI songs streamed billions of times, netting fraudster $10 million appeared first on Help Net Security.

强势围观！

A vulnerability identified as problematic has been detected in h3js h3 up to 2.0.0-rc.8/2.0.1-rc.9. This impacts the function requireBasicAuth. Performing a manipulation results in observable timing discrepancy. This vulnerability was named CVE-2026-33129. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in louislam uptime-kuma up to 2.2.0. This affects the function require.resolve of the file notification-provider.js. Such manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is uniquely identified as CVE-2026-33130. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

“银狐”木马再升级：专挑VPN用户下手，下载页面全是高仿

应对OpenClaw漏洞危机 360龙虾卫士筑牢智能体安全防线！

速修复

速修复

从稳定可测到分散隐匿：伊朗黑客基础设施部署三阶段蜕变。

公司称遭遇DDoS攻击，已恢复正常

Рассказываем о провале, который поставил под удар миллионы устройств.

营造清朗的网络空间，保护企业合法权益，是为数字经济与实体经济融合发展保驾护航的重要举措。目前，我国已初步构建起涉企网络侵权举报制度体系，有关部门出台的相关工作规范和指导意见，明确了平台处置涉企侵权信息的责任。但面对由AI技术赋能的网络水军……

数据作为数字经济时代的关键生产要素，其产权制度的构建与完善直接关系到国家创新活力和经济发展潜力。党的二十届三中全会《决定》明确提出“加快建立数据产权归属认定、市场交易、权益分配、利益保护制度”，为数据基础制度建设指明了方向。

3月19日，华为中国合作伙伴大会2026在深圳举行。大会以“因聚而升，融智有为”为主题，旨在通过“伙伴+华为”体系在战略、能力、价值的全面融合与协同，共筑数智化升级新引擎。

根据国家信息安全漏洞库（CNNVD）统计，近期共采集重要人工智能漏洞155个，CNNVD对这些漏洞进行了收录。本周人工智能类漏洞主要涵盖了OpenClaw、腾讯、HCL等多个厂商（项目）。CNNVD对其危害等级进行了评价，其中超危漏洞18个，高危漏洞56个，中危漏洞81个。

此次修法将关基安全保护的法律责任作为重点关切，通过体系化、梯度化的责任设计，切实推动运营者履行安全保护主体责任，并进一步完善网络产品和服务责任链条，全面提升关基供应链安全水平，充分彰显法治建设与时代发展协同适配的治理逻辑。

In our recent report, Beyond the Black Box, we found a striking gap: 80% of executives believe their organizations have strong security coverage for AI systems. Only about 40% of AppSec practitioners agree.

Related: AI moves mainstream

That’s not … (more…)

The post GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks first appeared on The Last Watchdog.

The post GUEST ESSAY: Executives trust AI security even as security teams confront blind spots, new risks appeared first on Security Boulevard.