Aggregator

Злоумышленнику достаточно подменить один файл для полного перехвата управления машиной.

过去一年，AI Coding 的进化速度只能用“离谱”两个字来形容。从最初的代码补全，到后来的整段生成，再到

In this Help Net Security video, Alan Snyder, CEO at NowSecure, talks about governing shadow AI without stopping innovation. He frames the problem as two opposing forces. Companies need to adopt AI fast because attackers and competitors will outpace them otherwise, but they also need to do it safely. Snyder argues the pressure to move quickly will win, so leaders must work hard to manage AI risk along the way. He references the first 8-K … More →

The post Governing shadow AI without killing innovation appeared first on Help Net Security.

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

Mechanics of the Summary Vector A standard webpage can become an effective lure if an AI assistant summarizes its content. New research reveals how an adversary can conceal instructions directly within a website. Consequently,...

The post The ChatGPhish Phenomenon: Indirect Prompt Injection via AI Summarization appeared first on Information Security News.

微软于 2018 年 9 月 24 日宣布推出 Windows 和 Mac 的 Office 2019，售价 149.99 美元，可永久使用，但不会引入新功能。但到了 2026 年 5 月

微软于 2018 年 9 月 24 日宣布推出 Windows 和 Mac 版本的 Office 2019，售价 149.99 美元，可永久使用，但不会引入新功能。但到了 2026 年 5 月 15 日微软更新了支持文档，不再保证 Office 2019 能正常运行。Mac 版本的 Office 2019 的支持于 2023 年 10 月 10 日结束，微软使用数字证书去验证 Mac 版本的许可，该证书将于 2026 年 7 月 13 日到期。微软不打算更新证书，而是就让证书过期，而证书过期之后软件将无法正常使用，进入只读模式。微软向受影响用户提供了三种选择：继续以只读模式使用 Mac 版 Office 2019、切换到免费的 Microsoft 365 Web 应用，或者付费订阅 Microsoft 365 或购买新的 Office 家庭版 2024 永久许可证。微软此举招致了广泛批评，认为其做法涉嫌违法。Windows 版本未受影响。

The Catalyzing Decision The Wikimedia Foundation recently encountered severe backlash from volunteer Wikipedia editors. This indignation followed the controversial decision to dissolve the dedicated Community Tech team. For years, this specialized cohort methodically addressed...

The post The Wikimedia Schism: Editors Revolt Over Community Tech Dissolution appeared first on Information Security News.

The Breach and Execution Lifecycle An adversary recently weaponized an artificial intelligence agent to orchestrate a sophisticated cyberattack. Specifically, the intruder targeted a publicly accessible Marimo computation server. According to findings from Sysdig, the...

The post The Rise of the Algorithmic Intruder: AI-Driven Exploitation of Marimo Servers appeared first on Information Security News.

The GlobalProtect Vulnerability Palo Alto Networks recently issued a stark warning regarding CVE-2026-0257. This security flaw compromises PAN-OS and Prisma Access architectures. Specifically, the vulnerability resides within the GlobalProtect portal and gateway. Under unique...

The post Perimeter Peril: Bypassing Authentication via Palo Alto Networks GlobalProtect appeared first on Information Security News.

145 AI-related laws were enacted by state legislatures in 2025, and more than 1,000 additional bills were introduced or revised, according to DataGrail’s Privacy and AI Trends Report 2026. Average cost of manual data subject request management (Source: DataGrail) Shadow AI risks Of the 2,400 popular business software providers that advertised AI capabilities, 63.6% did not disclose third-party AI subprocessors in their legal documentation, exposing businesses to shadow AI risks they may not be aware … More →

The post 145 AI laws passed in 2025 and privacy teams aren’t catching a break appeared first on Help Net Security.

点击上述蓝字关注，获得更多资讯近日，中国计算机行业协会数据存算专业委员会数据安全工作组工作推进会在长沙顺利召开。会...

赶快来看看都有那些数据安全企业上榜！

威胁猎人基于真实黑灰产攻击能力，围绕信贷欺诈、KYC对抗、支付欺诈、广告欺诈、营销套利等关键场景，输出可量化、可解释、可复测的业务安全评级。

2026年5月21-23日，CCF青年精英大会（YEF2026） 在四川绵阳盛大举行。作为连续深度参与的企业代表，vivo再次亮相YEF大会。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证