Aggregator

Фишинг в мессенджере набирает обороты.

当前环境异常，需完成验证后方可继续访问。

当前环境出现异常，需完成验证后方可继续访问。页面提供“去验证”按钮以引导用户进行相关操作。

Submit #621811 / VDB-317592

Submit #621797 / VDB-317591

Submit #621796 / VDB-317590

深圳中软赢科准备在 Chinajoy 2025 上展示其最高端的掌机：使用 AMD Ryzen AI Max+ 395 APU 的 GPD WIN 5。AMD Ryzen AI Max 395 此前主要用于工作站，由基于 Zen5 架构的 16 核 32 线 CPU 和 Radeon 8060S GPU 组成，华硕和惠普推出的 Ryzen AI Max 395 笔记本电脑售价在 1.5-2 万元之间，很难想象如此强大的 APU 会用于掌机，也很难想象掌机的电池续航时间会有多久。

A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-8175. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Model Context Protocol (MCP) 正迅速成为连接 AI 代理与数据源、工具、服务的标准通信协议，MCP 带来的安全漏洞也在显现，对 agentic AI 系统构成独特威胁。

当前环境出现异常状态,需完成验证操作后方可继续访问。

Apple发布iOS 26等系统公开测试版，引入液态玻璃设计风格，优化锁屏界面并支持3D效果与动态背景。主屏幕和小组件布局更灵活，Safari浏览器采用沉浸式设计。相机应用UI重构，照片功能升级。底部横条存在感降低。新增实时翻译、游戏聚合应用及电池续航优化等功能。

虚拟化逃逸 Windows 内核提权

A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/candidates_add.php. The manipulation of the argument photo leads to unrestricted upload. This vulnerability is handled as CVE-2025-8174. The attack may be launched remotely. Furthermore, there is an exploit available.

本期404星链计划新收录的2个优质项目分别是WeaponizedVSCode和QScan。

当前环境出现异常问题,需完成验证后才能继续访问,并提供了"去验证"和"返回"两个操作选项。