Anthropic的Project Glasswing项目：一个月内发现超过10,000个漏洞，补丁问题从未如此明显 - 惯性聚合

推荐订阅源

Recent Announcements

Last Week in AI

奇客Solidot–传递最新科技情报

酷壳 – CoolShell

大猫的无限游戏

Microsoft Azure Blog

阮一峰的网络日志

让小产品的独立变现更简单 - ezindie.com

罗磊的独立博客

aimingoo的专栏

博客园 - 三生石上(FineUI控件)

Visual Studio Blog

Cybersecurity and Infrastructure Security Agency CISA

Full Disclosure

True Tiger Recordings

Future of Privacy Forum

Troy Hunt's Blog

Hugging Face - Blog

Google DeepMind News

Attack and Defense Labs

Palo Alto Networks Blog

博客园_首页

博客园 - 聂微东

Apple Machine Learning Research

cs.CV updates on arXiv.org

Kaspersky official blog

IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog

有赞技术团队

Privacy & Cybersecurity Law Blog

Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98 Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Why pure extortion is replacing traditional ransomware Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets Authorities arrest 23-year-old accused of running the Kimwolf botnet U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog Global law enforcement operation takes First VPN offline Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload Discord adds end-to-end encryption to voice and video calls by default PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch Microsoft issues YellowKey mitigation, no patch yet Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free A malicious VS code extension just breached GitHub ‘s internal repositories DirtyDecrypt: PoC Released for yet another Linux flaw Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash Drupal is rolling out an emergency security update on May 20. You cannot miss it Microsoft dismantled malware-signing network Fox Tempest Poland shifts away from Signal following cyberattacks on officials’ accounts Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects Shai-Hulud worm copycats emerge after source code leak Grafana confirms GitHub token breach cybercrime group claims the attack ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945 Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945 SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97 Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog Russian APT Turla builds long-term access tool with Kazuar Botnet evolution OpenAI hit by supply chain attack linked to malicious TanStack packages Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day Ghostwriter group resumes attacks on Ukrainian Government targets Researchers uncover YellowKey and GreenPlasma Windows Zero-Days Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog Linux Kernel bug Fragnesia allows local root access attacks Broadcom releases VMware Fusion security update for root access bug NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign Nitrogen Ransomware claims massive data theft from Foxconn

Anthropic的Project Glasswing项目：一个月内发现超过10,000个漏洞，补丁问题从未如此明显

Pierluigi Pa · 2026-05-24 · via Security Affairs

此内容由惯性聚合(RSS阅读器)自动聚合整理，仅供阅读参考。原文来自 — 版权归原作者所有。