Aggregator
英伟达与SK海力士、Naver和斗山达成合作
1 month ago
英伟达周一宣布与韩国的SK海力士、Naver以及斗山集团达成协议,将共同建设AI数据中心并采用这家美国芯片公司的技术,旨在继续推动AI热潮。SK海力士和英伟达两家公司表示,双方已签署了一项为期多年的技
IAEA称无法确认伊朗高浓缩铀目前的储存量
1 month ago
IAEA称无法确认伊朗高浓缩铀目前的储存量国际原子能机构(IAEA)在汇总的一份报告中称,自去年六月以色列和美国对伊朗核设施发动袭击以来,该机构一直无法在当地开展核查工作,因此未能掌握高浓缩铀目前的储
这届大甲方,搞定安全防护全是套路
1 month ago
自古套路得人心~
这届大甲方,搞定安全防护全是套路
1 month ago
CVE-2026-11028 | Google Chrome up to 148.0.7778.216 on Linux Media use after free (ID 497627 / WID-SEC-2026-1794)
1 month ago
A vulnerability was found in Google Chrome on Linux. It has been rated as critical. This impacts an unknown function of the component Media. This manipulation causes use after free.
This vulnerability is handled as CVE-2026-11028. The attack can be initiated remotely. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-11025 | Google Chrome up to 148.0.7778.216 on Android Navigation access control (ID 497595 / WID-SEC-2026-1794)
1 month ago
A vulnerability marked as critical has been reported in Google Chrome on Android. Affected is an unknown function of the component Navigation. Performing a manipulation results in improper access controls.
This vulnerability is identified as CVE-2026-11025. The attack can be initiated remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-11024 | Google Chrome up to 148.0.7778.216 Skia stack-based overflow (ID 497591 / WID-SEC-2026-1794)
1 month ago
A vulnerability has been found in Google Chrome and classified as critical. This affects an unknown function of the component Skia. The manipulation leads to stack-based buffer overflow.
This vulnerability is documented as CVE-2026-11024. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2026-11021 | Google Chrome up to 148.0.7778.216 on Windows GPU sandbox (ID 497487 / WID-SEC-2026-1794)
1 month ago
A vulnerability was found in Google Chrome on Windows. It has been classified as critical. This issue affects some unknown processing of the component GPU. Performing a manipulation results in sandbox issue.
This vulnerability is known as CVE-2026-11021. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-11022 | Google Chrome up to 148.0.7778.216 DevTools cross-domain policy (ID 497532 / WID-SEC-2026-1794)
1 month ago
A vulnerability classified as problematic was found in Google Chrome. Impacted is an unknown function of the component DevTools. Such manipulation leads to permissive cross-domain policy with untrusted domains.
This vulnerability is listed as CVE-2026-11022. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-11023 | Google Chrome up to 148.0.7778.216 WebAppInstalls cross-domain policy (ID 497538 / WID-SEC-2026-1794)
1 month ago
A vulnerability, which was classified as problematic, has been found in Google Chrome. The affected element is an unknown function of the component WebAppInstalls. Performing a manipulation results in permissive cross-domain policy with untrusted domains.
This vulnerability is cataloged as CVE-2026-11023. It is possible to initiate the attack remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-11020 | Google Chrome up to 148.0.7778.216 Extensions cross-domain policy (ID 497440 / WID-SEC-2026-1794)
1 month ago
A vulnerability described as problematic has been identified in Google Chrome. This affects an unknown function of the component Extensions. Such manipulation leads to permissive cross-domain policy with untrusted domains.
This vulnerability is listed as CVE-2026-11020. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
【研究报告】美国侦察卫星发展研究:太空智能侦察星座、RG-XX与SG-XX系统全面解析
1 month ago
该报告系统分析了美国太空侦察体系正经历的60年来最深刻战略重构,核心内容可概括为五大维度。
京东与腾讯就AI Agent将达成重要合作
1 month ago
京东与腾讯就AI Agent将达成重要合作据悉,京东与腾讯将围绕AI Agent展开深度合作。依托京东的商品供应链、履约服务能力及腾讯的生态入口优势,双方将共同打造跨场景的智能化服务新范式,推动AI
Introducing the OpenAI Economic Research Exchange
1 month ago
OpenAI launches the Economic Research Exchange to study AI’s impact on jobs, productivity, and the economy. Applications are now open for selected research projects.
Agentic AI赋能的 ARM Metis 系统,推动软件安全漏洞检测技术升级
1 month ago
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
1 month ago
TrendAI™ integrates Anthropic's Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance.
Tawnya Lancaster
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
1 month ago
Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanaged software keeps an exploited entry point open long after the fix ships.
Hiroyuki Kakara
[webapps] OpenEMR 7.0.2 - Arbitrary File Read
1 month ago
OpenEMR 7.0.2 - Arbitrary File Read
开源邮件安全检测与内部邮箱盗用防护:小模型方案评估及群发拦截策略|总第313周
1 month ago
本期周报简介:
1、针对开源邮件安全检测系统,尤其是基于小模型或零样本模型的方案,在实际选型中会考虑吗?防钓鱼、防木马的优缺点分别在哪?
2、内部邮箱被盗后,如何有效阻止其向全员群发钓鱼邮件?还有哪些实操中好用的网关检测或发送限制手段?