Aggregator

晋江封禁 “老天奶”引争议

Solidot
4 days 17 hours ago
晋江文学城因内容审核标准问题陷入舆论漩涡,并因此引发了一场大规模的用户“发票抗议”。风波始于晋江文学城于近日突然锁定热门女性向小说《女主对此感到厌烦》,相关提示为“文章设定有问题,锁文要求清理”。这一操作迅速引发读者的不满与质疑。锁文事件引发舆论后,晋江平台管理员发帖说明《女主对此感到厌烦》临时锁定事件,称该作品因疑似含有挑动对立情绪的内容,网站依规对其进行临时锁定核查。经初步核查确认,未发现该文存在无差别扫射某一群体等明显违规行为,现对该作品恢复上架。然而这份说明中关于内容审核的具体标准,却引发了更大的争议。说明中明确“严禁使用非经汉语权威机构承认的生造字词或短语”,并举例“老天奶(为网络通用口语,类似‘老天爷’的变体)”。但有用户发现,晋江官方账号此前曾使用“老天奶”一词进行内容宣传。在被用户质疑后,相关博文已被删除。3 月 25 日,对晋江文学城不满的用户集体申请历史充值发票,到晚间,排队人数飙升至 19 万以上,规模空前。

CVE-2025-62846

CVE Trends
4 days 17 hours ago
Currently trending CVE - Hype Score: 2 - An SQL injection vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: QuRouter ...

CVE-2025-62843

CVE Trends
4 days 17 hours ago
Currently trending CVE - Hype Score: 1 - An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have ...

CVE-2024-4367

CVE Trends
4 days 17 hours ago
Currently trending CVE - Hype Score: 21 - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

CVE-2024-55591

CVE Trends
4 days 17 hours ago
Currently trending CVE - Hype Score: 6 - An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests ...

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

The Hackers News
4 days 17 hours ago
Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exists, so it’s assumed to work. A detection rule is active, so it’s expected to catch something. But very
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

The Hackers News
4 days 17 hours ago
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no
The Hacker News

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks

Help Net Security
4 days 17 hours ago

Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them identify hard-to-detect implants used by the China-based group dubbed Red Menshen, Rapid7 researchers have released a scanning script. BPFdoor US, Canadian, European and Asian telcos have been repeatedly hit by the infamous Salt Typhoon group in the past few years. Red Menshen has been previously observed using the BPFDoor implant/backdoor when targeting … More →

The post Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks appeared first on Help Net Security.

Zeljka Zorz

Managed ad