Aggregator

在周日（4 月 19 日）举行的 2026 北京亦庄人形机器人半程马拉松赛上，机器人首次跑赢了人类半马世界纪录，前三名成绩全部优于人类纪录。荣耀旗下的齐天大圣队、雷霆闪电队、星火燎原队分别夺得冠军、亚军、季军，净用时分别为 50 分 26 秒、50 分 56 秒、53 分 01 秒，均优于乌干达名将基普利莫在今年 3 月里斯本半程马拉松赛中创造的 57 分 20 秒人类男子半马世界纪录。这一成绩与去年相比进步显著：一年前在亦庄举行的首届人形机器人半程马拉松上，天工队的人形机器人以 2 小时 40 分 42 秒的成绩夺冠。一年后，参赛队伍数量从 20 支增至百余支，是去年的五倍。整体完赛成绩大幅提升，人形机器人续航更稳、步态更顺、算法更稳。途中仍有部分机器人摔倒，或撞上赛道护栏。技术层面同样有进步：去年工程师们还可以跟着机器人一路小跑“陪跑"，今年很多机器人的速度大幅提升，工作人员不得不改坐高尔夫球车跟在后面。去年，天工是赛场上唯一采用"半自主"方式参赛的选手，其余几乎全部依赖遥控。今年，约四成队伍已实现自主导航。为鼓励这一趋势，赛事规则规定遥控操作组成绩须乘以 1.2 加权系数，变相惩罚依赖人工遥控的队伍。

深度解析Prompt注入攻击原理，通过真实复现案例揭示攻击者如何劫持AI Agent

第三方 SDK 重大漏洞曝光：超 3000 万加密

跨租户Teams服务台钓鱼到数据外传：一次

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack   Fake Claude site installs malware that gives attackers access to your computer   Malware Analysis Static SKILL for Codex   JanelaRAT: a financial threat targeting users in Latin […]

硅谷科技巨头斥资数千亿美元建造 AI 数据中心，然而大规模的数据中心建设面临巨大的施工和电力挑战。卫星无人机图像显示美国近四成数据中心项目可能无法按计划在今年内完工。分析显示，微软、甲骨文和 OpenAI 等公司的数据中心项目很可能延期三个月以上完工。数据中心项目延误的原因包括劳动力、电力和设备长期短缺，以及获得必要许可的繁琐流程。参与 OpenAI 项目的建筑公司高管提到，他们缺乏足够的技工如电工和管道工去同时开展多个数据中心项目。因巨大的电力需求，科技巨头甚至在建自己的发电厂，大量使用安装在半挂式卡车上的移动式燃气发电机，以及最初为飞机和军舰设计的涡轮发动机。

A vulnerability, which was classified as problematic, was found in Cactus Software Shell-Lock. Affected by this issue is some unknown functionality. Executing a manipulation can lead to symlink following. The identification of this vulnerability is CVE-1999-1541. The attack can only be executed locally. There is no exploit available.

A vulnerability has been found in Red Hat Linux 6.0 and classified as critical. This affects an unknown part of the component RPMMail. The manipulation of the argument MAIL FROM as part of Metacharacter leads to improper privilege management. This vulnerability is referenced as CVE-1999-1542. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Auto_FTP 0.2 and classified as critical. This vulnerability affects unknown code of the file auto_ftp.pl. The manipulation results in cleartext storage of sensitive information. This vulnerability is identified as CVE-1999-1344. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Auto_FTP 0.2. It has been classified as problematic. This issue affects some unknown processing of the file auto_ftp.pl. This manipulation causes improper privilege management. This vulnerability is tracked as CVE-1999-1345. The attack is restricted to local execution. No exploit exists.

A vulnerability was found in Netscape Communicator 4.04/4.7/4.51 on Unix. It has been declared as critical. Impacted is an unknown function of the component CGI Handler. Such manipulation leads to basic cross site scripting. This vulnerability is listed as CVE-1999-1357. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Xlink Technology Omni-nfs X Enterprise 6.1. The impacted element is an unknown function of the file nfsd.exe of the component NFS Daemon. Executing a manipulation as part of TCP URG Packet can lead to resource consumption. This vulnerability is registered as CVE-1999-1349. It is possible to launch the attack remotely. No exploit is available. The application of restrictive firewalling is recommended.

A vulnerability identified as critical has been detected in Red Hat Linux 6.1. This affects an unknown function of the file /etc/nologin of the component Rlogin. The manipulation leads to improper authentication. This vulnerability is documented as CVE-1999-1346. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Red Hat Linux 6.1. This impacts an unknown function of the file .xsession. The manipulation results in improper privilege management. This vulnerability is reported as CVE-1999-1347. The attack requires a local approach. No exploit exists. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in Roxen Web Server 1.3.11. Affected is an unknown function of the file htmlparse.pike of the component RXML Parser. This manipulation causes denial of service. This vulnerability appears as CVE-1999-1522. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in Caldera OpenLinux 2.3. This affects an unknown part of the component Ident Daemon. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2000-0369. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, was found in Xerox DocuColor 4LP. This issue affects some unknown processing of the component URL Handler. The manipulation with the input .......... results in denial of service. This vulnerability was named CVE-1999-1343. The attack may be performed from remote. There is no available exploit.