Aggregator

Microsoft закрыла любимую схему мошенников.

360携手麒麟软件、统信 筑牢信创安全防护体系！

定向攻击国内企事业单位员工，尤其 HR、行政及全员

看雪论坛作者ID：S1nyer

考证直接加积分60，最高补贴3250元

As AI expands the attack surface and alert fatigue grows, cyber exposure management offers a clearer path to understanding where risk truly concentrates and how to reduce it before a crisis hits.

The post The readiness paradox: Why a false sense of cyber confidence is becoming a liability appeared first on CyberScoop.

创作方式或许正在被 AI 不停地改变，但剪映是那个让创作者不断回来的「老地方」。

A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalation flaw that has remained undetected for nearly nine years. Security researchers at the Qualys Threat Research Unit (TRU) revealed that the issue allows attackers to exfiltrate sensitive data, including SSH private keys, and execute arbitrary commands as root on affected […]

The post Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys appeared first on Cyber Security News.

分享一篇文章。

2026年5月20日，深瞳漏洞实验室监测到一则Linux Kernel组件存在权限提升漏洞的信息，漏洞威胁等级：高危。

Two newly disclosed Microsoft Defender vulnerabilities are being actively exploited in the wild, enabling local attackers to elevate privileges to SYSTEM and potentially disrupt endpoint protection across Windows environments. The bugs, tracked as CVE‑2026‑41091 (Elevation of Privilege) and CVE‑2026‑45498 (Denial of Service), were published on May 19, 2026, and affect core Microsoft Defender components used […]

The post New Microsoft Defender 0‑Days Actively Exploited in the Wild appeared first on Cyber Security News.

美国网络司令部通过“稳健基础设施”计划全面支撑网络空间攻防作战

漏洞利用成最流行攻击手段，去年至少导致6800起数据泄露事件

基于 Chromium 的浏览器 Vivaldi 释出了 8.0 版本。Vivaldi 由 Opera 联合创始人谭咏文（Jon von Tetzchner）创办。Vivaldi 8.0 的新特性包括：被称为 Unified 的新外观，所有元素都统一在一个视觉平面上；提供了六种预设布局，其中之一是垂直标签，用户可选择垂直左侧、垂直右侧两种垂直标签布局，其它还有经典、简洁、自动隐藏以及底部四种布局。

A dangerous piece of malware known as BadIIS has been actively targeting Internet Information Services (IIS) web servers, quietly hijacking them and redirecting unsuspecting visitors to illegal gambling sites, adult content platforms, and other illicit destinations. The attacks have been going on for years across the Asia-Pacific region and beyond, placing thousands of legitimate websites […]

The post BadIIS Malware Turns Hijacks IIS Servers and Redirect Users to Illicit Sites appeared first on Cyber Security News.

Личная связь получила новый слой приватности, но привычный сценарий общения остался прежним.

某oa存在任意文件读取漏洞，第一个log文件中泄露了部分加密过的用户的登录密码等信息，对其密码进行分析破解。

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain unauthorized access to sensitive resources via internal APIs. The flaw, tracked as CVE-2026-20223, carries a maximum CVSS score of 10.0 and is categorized under CWE-306 (Missing Authentication for Critical Function). The issue stems from improper authentication […]

The post Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access appeared first on Cyber Security News.