Aggregator
Your Origin Server Might Be Your Most Expensive Decision
1 month ago
Matt Butcher
Maximizing IOC Impact
1 month ago
Ive been thinking about threat intelligence lately. Specifically: indicators of compromise (IOC), how and where to share them to cause maximum pain to adversaries and help as many organizations as possible protect themselves. I regularly analyze malware traffic from sandboxes such as ANY.RUN, Triage[...]
Erik Hjelmvik
2026 美加墨世界杯观赛指南
1 month ago
5 月 15 日下午,中央广播电视总台与国际足球联合会(FIFA)共同宣布,就国际足联世界杯(The FIFA World Cup 2026)新周期的版权合作达成共识。合作的赛事中就包括了今年夏天的足
Maximizing IOC Impact
1 month ago
, Monday, 08 June 2026 07:00:00 (UTC/GMT)
Cisco Warns of Active Exploitation of Catalyst SD-WAN Flaw With No Patch Available
1 month ago
Cisco has issued an urgent w
科学家精准编辑人类胚胎基因
1 month ago
中国科学家贺建奎在 2018 年披露使用 CRISPR 基因编辑技术修改了人类胚胎诞生了两名基因编辑女婴。他后来因此被判入狱三年。CRISPR 不是一种非常精准的基因编辑技术,容易出现脱靶效应。现在哥伦比亚大学发育细胞生物学副教授 Dieter Egli 与 DNA 测试初创公司 Nucleus Genomics 的 Nathan Treff 等人合作,使用更精准的基因编辑技术碱基编辑编辑了人类胚胎基因,该技术能靶向 DNA 序列中的单个碱基,能减少副作用。最新研究针对了两个基因,其一是增加患心脏病风险的基因,其二是与镰状细胞贫血症等血液疾病相关的基因。研究人员表示这项技术有助于修复胚胎中的致病突变,但距离特制胎儿还很遥远。实验发现,这些基因编辑并未均匀发生在所有细胞中,一些细胞完成了碱基改造,另一部分则仍保留着原始碱基,这种现象被称为嵌合效应。
科学家精准编辑人类胚胎基因
1 month ago
墨西哥总统公布由政府支持的经济型EV原型
1 month ago
墨西哥总统公布由政府支持的经济型EV原型墨西哥政府支持的一家电动汽车初创企业公布了其首款原型车,总统克劳迪娅·辛鲍姆出席了仪式,她称赞该项目是一种经济实惠的出行选择,也是本土工程技术的展示。上周日,辛
[更新:承认故障] GitHub故障报告正在快速增加 不过状态页尚未更新还不知道情况
1 month ago
ChatGPT向所有个人用户推出锁定模式 可禁用外部链接或服务降低数据泄露风险
1 month ago
Впервые за 50 лет: Россия снова строит сверхзвуковой пассажирский самолёт — и это уже не чертежи
1 month ago
Он должен летать на скорости 1,7 Маха и быть тише своих предшественников.
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
1 month ago
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats.
"When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra layer of protection
The Hacker News
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
1 month ago
Software Supply Chain / MalwareMicrosoft has announced that Visual Studio Code (VS Code) will appl
CVE-2026-11559 | CodeAstro Payroll System 1.0 /view_account.php ID sql injection
1 month ago
A vulnerability, which was classified as critical, was found in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in sql injection.
This vulnerability was named CVE-2026-11559. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com
CVE-2026-11558 | CodeAstro Payroll System 1.0 /home_salary.php rate/salary_rate sql injection
1 month ago
A vulnerability, which was classified as critical, has been found in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of the argument rate/salary_rate leads to sql injection.
This vulnerability is uniquely identified as CVE-2026-11558. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
全球核弹头数量在中朝拉动下连续4年增长
1 month ago
全球核弹头数量在中朝拉动下连续4年增长瑞典斯德哥尔摩国际和平研究所6月8日发布报告称,截至今年1月,全球可投入使用的核弹头数量为9745枚,较上年增加131枚。可用弹头总数是2005年有完整统计以来首
Over 20,000 Instagram accounts stolen in Meta AI support hack
1 month ago
Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent
Why do people with kids seem to get preference everywhere? Is it some subtle nudge to have children?
1 month ago
CVE-2026-11557 | Tenda F451 1.0.0.7/1.0.0.9 Web Management Interface /goform/Natlimit fromNatlimit page stack-based overflow
1 month ago
A vulnerability classified as critical was found in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow.
This vulnerability is handled as CVE-2026-11557. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com