Aggregator
8 вершин и дырка посередине. Математик рассчитал идеальный бумажный пончик — и закрыл вечный спор об оригами
CISA flags two-year-old Oracle flaw as actively exploited in attacks
New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions
Счёт пришёл, атака началась. Касперский зафиксировал 13 тысяч атак через ЭДО и деловую переписку
Halo Security Honored with 2026 MSP Today Product of the Year Award
Travelers deploys AI-powered claims countrywide with OpenAI
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2022-0492 Linux Kernel Improper Authentication Vulnerability
- CVE-2025-48595 Android Framework Integer Overflow Vulnerability
These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
Сетевая безопасность стала главным полем борьбы. ЦСР поставил UserGate на первое место
Submit #829415: DedeCMS DedeCMS Content Management System V5.7.88 SQL Injection [Accepted]
Submit #829414: DedeCMS DedeCMS Content Management System V5.7.88 SQL Injection [Accepted]
Submit #829413: DedeCMS DedeCMS Content Management System V5.7.88 SQL Injection (GBK Wide Byte Bypass) [Accepted]
Камера не горит, экран молчит, а микрофон пишет. О новой атаке на iPhone через iMessage рассказал Касперский
Google fixes one actively exploited Android zero-day, 124 flaws
RALord
You must login to view this content
开启报名 | 首届火山「AI安全攻防」挑战赛邀你参赛
RALord
You must login to view this content