Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.18.18/6.19.8. This issue affects the function emac_tx_mem_map of the component net. Performing a manipulation results in privilege escalation. This vulnerability was named CVE-2026-43462. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

阅读： 13通告编号:NS-2026-0008TAG：axios、npm、供应链攻击危害程度：高版本：1.0

A vulnerability classified as problematic was found in OALDERS LWP::UserAgent up to 6.82 on Perl. This issue affects some unknown processing. The manipulation results in insufficiently protected credentials. This vulnerability was named CVE-2026-8368. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

A vulnerability marked as problematic has been reported in RRWO Crypt::SaltedHash up to 0.09 on Perl. This affects the function rand. Performing a manipulation results in cryptographically weak prng. This vulnerability is reported as CVE-2026-47372. The attack is possible to be carried out remotely. No exploit exists. It is suggested to install a patch to address this issue.

阅读： 18通告编号:NS-2026-0009TAG：安全更新、Windows、Office、Visual Studio、SQL Server

3月4号面试了安克创新的【终端安全专家】岗位，不过面试结果是挂了。通过面试复盘发现面试时长只有15分钟，但回答基本没有到位。

A sweeping automated supply chain attack codenamed “Megalodon” struck GitHub on May 18, 2026, injecting malicious CI/CD backdoors into over 5,500 repositories in less than six hours, marking one of the most aggressive GitHub Actions poisoning campaigns ever recorded. SafeDep discovered that between approximately 11:36 and 17:48 UTC on May 18, 2026, the Megalodon campaign […]

The post Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours appeared first on Cyber Security News.

SpaceX计划在得州奥斯丁附近建设一座10吉瓦太阳能工厂据悉 SpaceX 正计划在美国得克萨斯州奥斯汀附近建造一座规模庞大的10吉瓦 (GW) 太阳能制造工厂。此举是马斯克旨在为外太空人工智能（A

阅读： 1飞书作为当下热门主流协同办公软件，凭借简洁流畅的操作体验与全面实用的办公功能，如今被越来越多企业与职场人士广泛选用，成为日常办公

2026年5月22日 10:21软件资讯01.46K

阅读： 2文档编号 NS-2026-0010TAG：Xinference、PyPI、供应链攻击危害程度：高版本：1.0

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 7.1-rc3. The impacted element is the function iov_iter_get_pages2 of the component rds. The manipulation leads to infinite loop. This vulnerability is traded as CVE-2026-43494. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.

阅读： 4通告编号 NS-2026-0011TAG：Linux、kernel、CVE-2026-31431漏洞危害

阅读： 15通告编号 NS-2026-0012TAG：Linux、kernel、Dirty Frag漏洞危害：攻

Name: Hack for a Change 2026 May: UN SDG 1 (an Hack for a Change event.)
Date: May 19, 2026, midnight — 21 May 2026, 23:59 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://www.hackforachange.org/
Rating weight: 24.53
Event organizers: Hack for a Change

Waymo 已暂停了在旧金山、洛杉矶、凤凰城和迈阿密的高速公路上的自动驾驶出租车服务，因为其正在努力改善在施工区域的表现。Waymo 表示，公司正在将“最近的技术经验整合到我们的软件中，并预计很快恢复

阅读： 5通告编号 NS-2026-0013TAG：安全更新、Windows、Office、SQL Server、Azure漏洞危害：攻击