Aggregator

Submit #616383 / VDB-313334

Submit #616382 / VDB-177393

Submit #616351 / VDB-177391

Mozilla 开发者宣布，预计 7 月 22 日释出的 Firefox 141 将支持 WebGPU。目前对 WebGPU 的支持仅限于 Windows 版本的 Firefox，未来几个月将支持 Linux 和 Mac 版本。WebGPU 为 Web 提供了下一代高性能图形 API，允许在 GPU 上执行渲染和计算操作，Google Chrome 最早于 2023 年引入了对该 API 的支持，而苹果的 Safari 预计将在秋天释出的 v26 中支持 WebGPU。Firefox 的 WebGPU 实现是基于用 Rust 开发的 WGPU，为底层平台的底层图形 API如 Direct3D 12、Metal 和 Vulkan 提供了统一可移植的接口。WGPU 托管在 GitHub 上，是作为一个独立开源项目开发的，Mozilla 是其主要贡献者。

/r/netsec 是一个由社区管理的技术信息安全内容聚合平台，旨在为安全从业者、学生、研究人员和黑客提供有价值的信息。

Submit #616345 / VDB-316857

Submit #616344 / VDB-316856

Submit #616318 / VDB-316855

Submit #616317 / VDB-316854

Submit #616316 / VDB-316853

VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below […]

Submit #616314 / VDB-177394

Submit #616312 / VDB-177395

Submit #616311 / VDB-177389

网络钓鱼攻击日益复杂，利用AI和深度伪造技术更具欺骗性。研究显示53%员工虽自信识别钓鱼邮件，但实际失败率高。持续安全教育和零信任文化是应对关键。

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability was named CVE-2025-7791. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #616242 / VDB-168885

文章探讨了电视信号中断的奇怪现象,解释了黑客如何通过技术手段干扰正常广播,并分析了有线与卫星电视的区别及背后动机,帮助读者理解这一现象的基本原理和原因。

Submit #616240 / VDB-168885

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-7790. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.