Aggregator

A few days ago we wrote about YellowKey, the newest entry i

A vulnerability was found in zephyrproject-rtos Zephyr up to 4.3 and classified as problematic. Affected is an unknown function of the component PTP_MSG_MANAGEMENT Message Handler. The manipulation results in infinite loop. This vulnerability is identified as CVE-2026-5072. The attack can be executed remotely. There is not any exploit available.

Как стартап обходит гигантов на рынке домашних роботов.

澳洲联邦法院周四维持对社交平台 X 的罚款裁定，理由是 X 平台未遵守儿童网络安全规范。根据澳洲法律，电子安全委员办公室有权对未回应要求、未提供详细资讯说明如何保护儿童网络安全的企业处以罚款。电子安全

欧盟《网络弹性法案》（Cyber Resilience Act，简称CRA）已于2024年12月10日正式生效。

本文是知名网络安全媒体 Dark Reading 在庆祝其成立 20 周年（2006–2026）之际推出的特别深度专题报道。

速修复

速修复

速修复

阅读： 11自从Windows有了DNS Client Service (Dnscache)，进程发起DNS查询时，就与此服务深度藕合。进程试图进行FQDN解析时

The global financial sector is facing a sharp rise in Financial Services DDoS Attacks, with

Cisco has released security updates to fix a critical vulnerability, tracked as CVE-2026-20

Hackers can weaponize a legitimately signed Lenovo driver to terminate security processes, highlighting a dangerous Bring Your Own Vulnerable Driver (BYOVD) attack vector that can bypass endpoint protection controls. Security researcher Jehad Abudagga has analyzed a Lenovo driver, BootRepair.sys, originally associated with the Lenovo PC Manager utility, and discovered that it can be abused to kill […]

The post Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes appeared first on Cyber Security News.

浏览器扩展合集：我们为你找到了这 6 款实用、有趣的「新玩意」前言我们总在追求更加舒适的网页浏览体验，实用、有趣的浏览器扩展，则能为大家的冲浪之旅锦上添花。在浏览器扩展这边，近期又有哪些好用、有趣的「

Компании не успевают вовремя выявлять утечки и передачу доступа.

英国HS2高铁建设成本增 工期再度延后英国政府19日表示，英国2号高速铁路(HS2)的建设成本可能超过1000亿英镑，即使这项计划规模缩减，费用仍持续攀升，工期也进一步延后。英国交通大臣亚历山大在国会

现代人几乎与手机形影不离，手部、面部皮肤与手机及手机壳长期高频接触。你有没有留意过，用了大半年的手机壳，不知从哪天开始就悄悄发黄、发黏，怎么擦都回不到当初光亮透明的样子。根据发表在《危险材料杂志》上的研究，科学家证实不良卫生习惯及频繁化妆行为会加速热塑性聚氨酯（TPU）手机壳老化，使其逐渐成为全氟烷基物质（PFAS）与条件致病菌共同富集的“温床”。用户行为研究机构 Dscout 的真实环境追踪报告显示，智能手机用户日均触摸手机 2617 次，重度用户可达 5400 余次。研究团队招募了 30 名在校大学生志愿者，开展了一项持续 285 天的真实环境受控队列研究。团队观察了两类典型受试群体：一类是卫生习惯良好、较少使用化妆品的志愿者；另一类则恰巧相反，频繁使用化妆品且手部卫生习惯较差。结果显示，与卫生习惯较好、较少使用化妆品的志愿者相比，频繁使用化妆品且手部卫生习惯较差的受试者，其手机壳表面的 PFA S富集水平显著升高。在部分污染累积较严重的手机壳样本中，全氟辛酸（PFOA）表面富集量最高达到每平方厘米 9.39 微克，全氟辛烷磺酸（PFOS）最高达到每平方厘米 0.164 微克，提示日常接触行为可能正在悄然增加人体暴露于新污染物和潜在致病微生物的风险。

A vulnerability marked as problematic has been reported in mtrudel bandit up to 1.11.0. This issue affects some unknown processing in the library lib/bandit/http1/socket.ex of the component Standard Phoenix Endpoint. The manipulation leads to allocation of resources. This vulnerability is documented as CVE-2026-39803. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in mtrudel bandit up to 1.11.0. This impacts the function do_read_chunked_data in the library lib/bandit/http1/socket.ex of the component TCP Connection Handler. Executing a manipulation can lead to infinite loop. This vulnerability is handled as CVE-2026-39806. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Lightning-AI pytorch-lightning 2.6.2/2.6.3. Impacted is an unknown function. Such manipulation leads to embedded malicious code. This vulnerability is documented as CVE-2026-44484. The attack can be executed remotely. There is not any exploit available.