ИИ-термины без боли: 20 слов, которые нужно знать всем
Больше вы никогда не спутаете ML с LLM и запросто отличите «галлюцинации» от «предвзятости».
Aggregator
CVE-2026-22977 | Linux Kernel up to 6.19-rc4 net sk_buff.cb allocation of resources (Nessus ID 297728 / WID-SEC-2026-0194)
1 day 5 hours ago
A vulnerability was found in Linux Kernel up to 6.19-rc4. It has been declared as critical. This affects an unknown function of the file sk_buff.cb of the component net. Such manipulation leads to allocation of resources.
This vulnerability is uniquely identified as CVE-2026-22977. The attack can only be initiated within the local network. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-21964 | Oracle MySQL Server up to 8.0.44/8.4.7/9.5.0 Thread Pooling denial of service (EUVD-2026-3548 / Nessus ID 297724)
1 day 5 hours ago
A vulnerability identified as problematic has been detected in Oracle MySQL Server up to 8.0.44/8.4.7/9.5.0. This issue affects some unknown processing of the component Thread Pooling. The manipulation leads to denial of service.
This vulnerability is documented as CVE-2026-21964. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-21985 | Oracle VM VirtualBox 7.1.14/7.2.4 Core information disclosure (EUVD-2026-3527 / Nessus ID 297733)
1 day 5 hours ago
A vulnerability was found in Oracle VM VirtualBox 7.1.14/7.2.4. It has been declared as problematic. The impacted element is an unknown function of the component Core. The manipulation results in information disclosure.
This vulnerability is identified as CVE-2026-21985. The attack is only possible with local access. There is not any exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-1035 | Red Hat Keycloak Refresh Token TokenManager toctou (Nessus ID 297730 / WID-SEC-2026-0197)
1 day 5 hours ago
A vulnerability described as problematic has been identified in Red Hat Keycloak. Affected by this vulnerability is the function TokenManager of the component Refresh Token Handler. The manipulation results in time-of-check time-of-use.
This vulnerability is cataloged as CVE-2026-1035. The attack may be launched remotely. There is no exploit available.
vuldb.com
«Дайте хотя бы 50 евро». Хакеры так и не смогли развести школу на деньги и пошли к родителям
1 day 5 hours ago
Неизвестные хакеры выдали себя за группировку LockBit при атаке на школу в Бельгии.
The Gentleman
1 day 6 hours ago
You must login to view this content
cohenido
Threat Actors Abuse Microsoft & Google Platforms to Attack Enterprise Users
1 day 6 hours ago
Enterprise security teams are facing a sophisticated new challenge as cybercriminals increasingly exploit trusted cloud platforms to launch phishing attacks. Instead of relying on suspicious newly registered domains, threat actors now host their malicious infrastructure on legitimate services like Microsoft Azure Blob Storage, Google Firebase, and AWS CloudFront. This strategic shift allows attackers to hide […]
The post Threat Actors Abuse Microsoft & Google Platforms to Attack Enterprise Users appeared first on Cyber Security News.
Tushar Subhra Dutta
MomentProof Deploys Patented Digital Asset Protection
1 day 6 hours ago
Washington, DC, 4th February 2026, CyberNewsWire
The post MomentProof Deploys Patented Digital Asset Protection appeared first on Security Boulevard.
cybernewswire
MomentProof Deploys Patented Digital Asset Protection
1 day 6 hours ago
Washington, DC, 4th February 2026, CyberNewsWire
CyberNewswire
White House Nixes Biden-Era Software Security Rules
1 day 6 hours ago
Analysts Warn of Patchwork Federal Assurance Standards After Rollback
The White House rescinded two key software security policies requiring vendors to attest to secure development practices, citing excessive compliance burdens - but analysts warn the move risks weakening federal software assurance without strong, agency-level replacements.
The White House rescinded two key software security policies requiring vendors to attest to secure development practices, citing excessive compliance burdens - but analysts warn the move risks weakening federal software assurance without strong, agency-level replacements.
HHS Audit Flags Web App Security Gaps at Large Hospital
1 day 6 hours ago
Experts: Problems Are Frequent Weaknesses Across Healthcare Sector Entities
Security weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said.
Security weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said.
RapidFort Lands $42M to Scale Software Supply Chain Security
1 day 6 hours ago
San Francisco-Based Startup Eyes AI Adjacencies and Supply Chain Risk Reduction
Software supply chain security firm RapidFort has raised $42 million in Series A funding to expand sales operations and build out its platform. Founder and CEO Mehran Farimani says the company will focus on reducing developer lift while addressing emerging risks tied to AI-enabled workloads.
Software supply chain security firm RapidFort has raised $42 million in Series A funding to expand sales operations and build out its platform. Founder and CEO Mehran Farimani says the company will focus on reducing developer lift while addressing emerging risks tied to AI-enabled workloads.
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations
1 day 6 hours ago
A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government.
Robert Lemos, Contributing Writer
Why Hydrolix Partnered with Akamai to Solve Observability at Scale
1 day 6 hours ago
Pavel Despot
Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover
1 day 6 hours ago
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks
Microsoft rolls out native Sysmon monitoring in Windows 11
1 day 6 hours ago
Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program. [...]
Sergiu Gatlan
G.O.S.S.I.P 阅读推荐 2026-02-04 辨认“变色龙”APP
1 day 6 hours ago
祝大家立春快乐!希望大家都能下载到自己心仪的变色龙APP~
Аэродром для слабаков. Китайский грузовой дрон YH-1000S поднимает 1,2 тонны с воды, снега и бездорожья
1 day 6 hours ago
Этот беспилотник заменит транспортную авиацию в труднодоступных районах.
CISA Warns of GitLab Community and Enterprise Editions SSRF Vulnerability Exploited in Attacks
1 day 6 hours ago
A critical GitLab vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog. Threat actors are actively exploiting a server-side request forgery (SSRF) flaw in GitLab Community and Enterprise editions. The vulnerability, tracked as CVE-2021-39935, poses significant risks to organizations using affected versions of GitLab. The SSRF vulnerability allows unauthorized external attackers to perform […]
The post CISA Warns of GitLab Community and Enterprise Editions SSRF Vulnerability Exploited in Attacks appeared first on Cyber Security News.
Abinaya