【公益译文】2026年AI指数报告(二)
往期推荐:2026年AI指数报告(一)1.5.开源AI软件前文重点介绍了值得关注的前沿模型以及构建和维护这些
Aggregator
全网AI时代,你企业的AI还在裸奔吗?
2 weeks 1 day ago
让每一次AI交互都安全、合规、有序。
CVE-2026-9880 | Google Chrome up to 148.0.7778.179 WebGL sandbox (ID 503615 / Nessus ID 318078)
2 weeks 1 day ago
A vulnerability was found in Google Chrome. It has been classified as critical. Impacted is an unknown function of the component WebGL. Performing a manipulation results in sandbox issue.
This vulnerability is reported as CVE-2026-9880. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-9879 | Google Chrome up to 148.0.7778.179 ANGLE out-of-bounds write (ID 499129 / Nessus ID 318078)
2 weeks 1 day ago
A vulnerability categorized as critical has been discovered in Google Chrome. This impacts an unknown function of the component ANGLE. Such manipulation leads to out-of-bounds write.
This vulnerability is documented as CVE-2026-9879. The attack can be executed remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-9876 | Google Chrome up to 148.0.7778.179 on Android WebGL use after free (ID 493747 / Nessus ID 318078)
2 weeks 1 day ago
A vulnerability classified as critical was found in Google Chrome on Android. Impacted is an unknown function of the component WebGL. The manipulation results in use after free.
This vulnerability is cataloged as CVE-2026-9876. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-9877 | Google Chrome up to 148.0.7778.179 ANGLE use after free (ID 496445 / Nessus ID 318078)
2 weeks 1 day ago
A vulnerability has been found in Google Chrome and classified as critical. This vulnerability affects unknown code of the component ANGLE. This manipulation causes use after free.
This vulnerability is registered as CVE-2026-9877. Remote exploitation of the attack is possible. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2026-9878 | Google Chrome up to 148.0.7778.179 ANGLE use after free (ID 499054 / Nessus ID 318078)
2 weeks 1 day ago
A vulnerability was found in Google Chrome and classified as critical. This issue affects some unknown processing of the component ANGLE. Such manipulation leads to use after free.
This vulnerability is documented as CVE-2026-9878. The attack can be executed remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-6722 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 SOAP Extension use after free (GHSA-85c2-q967-79q5 / Nessus ID 313734)
2 weeks 1 day ago
A vulnerability marked as critical has been reported in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5. This affects an unknown part of the component SOAP Extension. This manipulation causes use after free.
This vulnerability is registered as CVE-2026-6722. Remote exploitation of the attack is possible. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-7258 | PHP up to 8.2.30/8.3.30/8.4.20/8.5.5 urldecode out-of-bounds (GHSA-m8rr-4c36-8gq4 / Nessus ID 313734)
2 weeks 1 day ago
A vulnerability described as problematic has been identified in PHP up to 8.2.30/8.3.30/8.4.20/8.5.5. This vulnerability affects the function urldecode. Such manipulation leads to out-of-bounds read.
This vulnerability is documented as CVE-2026-7258. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is recommended.
vuldb.com
Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials
2 weeks 1 day ago
Police described the incident as a large-scale disclosure of sensitive personal information that posed a threat to both the affected individuals and the institutions they serve. The data was allegedly posted on multiple internet platforms.
Why Encrypted File Sharing Is Essential for Modern Businesses
2 weeks 1 day ago
Consider the history of any recent corporate scandal, and it is quite possible to guess what the story…
Owais Sultan
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
2 weeks 1 day ago
The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning.
The post Attackers are exploiting Palo Alto Networks defect that initially flew under the radar appeared first on CyberScoop.
Matt Kapko
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
2 weeks 1 day ago
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]
Bill Toulas
Red Hat npm packages compromised to steal developer credentials
2 weeks 1 day ago
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma." [...]
Lawrence Abrams
Spain arrests doxer leaking sensitive data of govt employees
2 weeks 1 day ago
The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). [...]
Bill Toulas
Introducing VMware vDefend Lateral Security Design Blueprints for VCF 9.1
2 weeks 1 day ago
In the past, data center security mostly relied on perimeter protection—”building walls” to keep bad actors out. Today, safeguarding the data center’s “east-west” or lateral traffic traversing within applications and data is just as critical. Threat actors are leveraging “Frontier AI” security models to automate and accelerate attacks against private cloud workloads. To help enterprises … Continued
The post Introducing VMware vDefend Lateral Security Design Blueprints for VCF 9.1 appeared first on VMware Security Blog.
Nikodim Nikodimov
Anthropic to Open Mythos AI to EU's ENISA
2 weeks 1 day ago
The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic.
Jai Vijayan
Safepay
2 weeks 1 day ago
You must login to view this content
cohenido
Safepay
2 weeks 1 day ago
You must login to view this content
cohenido
Safepay
2 weeks 1 day ago
You must login to view this content
cohenido