相關新聞
New Apple study challenges whether AI models truly “reason” through problems
Puzzle-based experiments reveal limitations of simulated reasoning, but others dispute findings.
Ars Technica
2025年06月12日 144 觀看次數
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model's (LLM) safety and content moderation guardrails with just a single character change. "The TokenBreak attack targets a text classification model's tokenization strategy to...
The Hacker News
2025年06月12日 202 觀看次數
SmartAttack uses smartwatches to steal data from air-gapped systems
A new attack dubbed 'SmartAttack' uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. [...]
Bleepingcomputer
2025年06月12日 181 觀看次數
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction. [...]
Bleepingcomputer
2025年06月12日 189 觀看次數
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. [...]
Bleepingcomputer
2025年06月11日 188 觀看次數
Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast
The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.
Dark Reading
2025年06月11日 302 觀看次數
FBI: BADBOX 2.0 Android malware infects millions of consumer devices
The FBI is warning that the BADBOX 2. malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. [...]
Bleepingcomputer
2025年06月06日 239 觀看次數
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware.
The Hacker News
2025年06月04日 244 觀看次數
Hewlett Packard Enterprise warns of critical StoreOnce auth bypass
Hewlett Packard Enterprise (HPE) has issued a security bulletin to warn about eight vulnerabilities impacting StoreOnce, its disk-based backup and deduplication solution.
Bleeping Computer
2025年06月04日 286 觀看次數
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies.
The Hacker News
2025年06月03日 224 觀看次數
