Aggregator

苹果手机第一季度在华出货量逆势激增20%

不安全
4 days 8 hours ago
好的,我现在需要帮用户总结这篇文章的内容。用户的要求是用中文,控制在100字以内,不需要特定的开头,直接写描述即可。 首先,我仔细阅读了文章内容。文章主要讲的是苹果手机在中国第一季度的出货量增长了20%,而整体市场却下降了4%。华为也实现了2%的增长,市场份额分别是华为20%和苹果19%。 接下来,我要提取关键信息:苹果增长20%,华为增长2%,整体市场下降4%,供应链中断和内存芯片价格飙升是主要原因。同时,华为的高端和平价产品都需求旺盛。 然后,我需要将这些信息浓缩到100字以内。要确保涵盖主要数据和原因。同时,保持语言简洁明了。 最后,组织语言,确保逻辑清晰,信息完整。例如:“苹果手机第一季度在中国出货量逆势增长20%,成为主要供应商中增长最强劲的品牌。尽管整体市场因供应链中断和内存芯片价格飙升下降4%,但华为和苹果分别实现2%和20%的增长。华为市场份额达20%,苹果为19%。” 这样既涵盖了所有重要数据,又符合用户的格式要求。 苹果手机第一季度在中国出货量逆势增长20%,成为主要供应商中增长最强劲的品牌。尽管整体市场因供应链中断和内存芯片价格飙升下降4%,但华为和苹果分别实现2%和20%的增长。华为市场份额达20%,苹果为19%。

Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind.

Security Boulevard
4 days 8 hours ago

Belgium's NIS2 conformity assessment deadline hits April 18, 2026, and other EU member states are ramping enforcement close behind. See what auditors will demand from your SOC: incident reporting timelines, Article 20 management liability, and automatic documentation.

The post Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind. appeared first on D3 Security.

The post Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind. appeared first on Security Boulevard.

Shriram Sharma

CVE-2025-38137 | Linux Kernel up to 6.15.2 rescan_work_func use after free (EUVD-2025-19806 / Nessus ID 247808)

Vuldb Updates
4 days 9 hours ago
A vulnerability was found in Linux Kernel up to 6.15.2 and classified as critical. Affected by this vulnerability is the function rescan_work_func. Executing a manipulation can lead to use after free. This vulnerability is registered as CVE-2025-38137. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-38136 | Linux Kernel up to 6.15.2 usb usbhs_probe initialization (EUVD-2025-19807 / Nessus ID 249177)

Vuldb Updates
4 days 9 hours ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.15.2. The affected element is the function usbhs_probe of the component usb. Executing a manipulation can lead to improper initialization. This vulnerability is handled as CVE-2025-38136. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-38135 | Linux Kernel up to 6.15.2 serial mlb_usio_probe null pointer dereference (EUVD-2025-19808 / Nessus ID 249177)

Vuldb Updates
4 days 9 hours ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.15.2. Impacted is the function mlb_usio_probe of the component serial. Performing a manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-38135. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2025-54502

CVE Trends
4 days 9 hours ago
Currently trending CVE - Hype Score: 1 - Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

CVE-2024-1086

CVE Trends
4 days 9 hours ago
Currently trending CVE - Hype Score: 16 - A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can ...

CVE-2025-8088

CVE Trends
4 days 9 hours ago
Currently trending CVE - Hype Score: 1 - A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček ...

Breaking Opus 4.7 with ChatGPT (Hacking Claude's Memory)

Embrace The Red
4 days 9 hours ago

In this post, we explore how ChatGPT generated an adversarial image that hijacked my Claude Opus 4.7 to invoke the memory tool and persist false memories for future chats.

This matters because Opus 4.6+ is genuinely a lot harder to attack than previous models, but it still fell for a ChatGPT generated image. A trick that works well with reasoning models is to challenge them with puzzles.

Indirect Prompt Injection and Alignment Progress

Claude Opus 4.6+ is more resilient against basic attacks, and reasons before taking actions. This means that most of the well-known, basic adversarial examples and attacks typically do not work.

CVE-2026-40286 | LabRedesCefetRJ WeGIA up to 3.6.9 Member Name cross site scripting (GHSA-42rc-rvrx-cmmw / EUVD-2026-23531)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.9. It has been classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Member Name leads to cross site scripting. This vulnerability is traded as CVE-2026-40286. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-40284 | LabRedesCefetRJ WeGIA up to 3.6.9 Destinatário cross site scripting (GHSA-mccp-8446-phw5 / EUVD-2026-23527)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.9 and classified as problematic. Affected by this vulnerability is an unknown functionality. Executing a manipulation of the argument Destinatário can lead to cross site scripting. This vulnerability appears as CVE-2026-40284. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-40527 | radareorg radare2 ELF DW_TAG_formal_parameter os command injection (EUVD-2026-23534)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability has been found in radareorg radare2 and classified as critical. Affected is the function DW_TAG_formal_parameter of the component ELF Handler. Performing a manipulation results in os command injection. This vulnerability is reported as CVE-2026-40527. The attack requires a local approach. No exploit exists. It is suggested to install a patch to address this issue.
vuldb.com

CVE-2026-40474 | wger-project wger up to 2.4 Configuration config.change_gymconfig save access control

VulDB Recent Entries
4 days 10 hours ago
A vulnerability, which was classified as critical, was found in wger-project wger up to 2.4. This impacts the function Save of the file config.change_gymconfig of the component Configuration Handler. Such manipulation leads to improper access controls. This vulnerability is documented as CVE-2026-40474. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-5720 | miniupnp project miniupnpd up to 2.3.9 HTTP Request ParseHttpHeaders integer underflow (EUVD-2026-23565 / Nessus ID 307450)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability, which was classified as critical, has been found in miniupnp project miniupnpd up to 2.3.9. This affects the function ParseHttpHeaders of the component HTTP Request Handler. This manipulation causes integer underflow. This vulnerability is registered as CVE-2026-5720. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-40285 | LabRedesCefetRJ WeGIA up to 3.6.9 POST Parameter UsuarioDAO.php verificarDespacho cpf_usuario sql injection (GHSA-666r-v2m7-xgp9 / EUVD-2026-23529)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability classified as critical was found in LabRedesCefetRJ WeGIA up to 3.6.9. The impacted element is the function DespachoControle::verificarDespacho of the file dao/memorando/UsuarioDAO.php of the component POST Parameter Handler. The manipulation of the argument cpf_usuario results in sql injection. This vulnerability is cataloged as CVE-2026-40285. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-40299 | amannn next-intl up to 4.9.0 WHATWG URL Parser redirect (GHSA-8f24-v5vv-gm5j)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability classified as problematic has been found in amannn next-intl up to 4.9.0. The affected element is an unknown function of the component WHATWG URL Parser. The manipulation leads to open redirect. This vulnerability is listed as CVE-2026-40299. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-35603 | Anthropic claude-code up to 2.1.74 on Windows Configuration managed-settings.json untrusted search path (GHSA-5cwg-9f6j-9jvx / EUVD-2026-23520)

VulDB Recent Entries
4 days 10 hours ago
A vulnerability described as problematic has been identified in Anthropic claude-code up to 2.1.74 on Windows. Impacted is an unknown function of the file C:\ProgramData\ClaudeCode\managed-settings.json of the component Configuration Handler. Executing a manipulation can lead to untrusted search path. This vulnerability is tracked as CVE-2026-35603. The attack is restricted to local execution. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

Managed ad