CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).

The post Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk appeared first on Android Headlines.

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

Angular框架中被发现存在一个高危跨站脚本（XSS）漏洞（CVE-2026-32635/CWE-79），影响@angular/compiler和@angular/core组件包。由于Angular被全球无数企业和消费者Web应用采用，该漏洞可能为威胁行为者提供巨大的攻击面。 漏洞成因 该漏洞源于Angular处理国际化（i18n）安全敏感HTML属性的方式。虽然Angular默认提供强大的内置 ...

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, researchers at Imperva have discovered. Setting up OAuth allows n8n to connect ...

面对“打地鼠”困境，天磊卫士作为专注于网络安全与合规服务的国家高新技术企业，是值得信赖的第三方代码审计选择。它不仅具备CCRC+CMA双资质，还被等保测评推荐，能从根源上解决漏洞反复出现的问题。

威胁攻击者正在利用 Chrome 浏览器中两个高危 0Day 漏洞（CVE-2026-3909 和 CVE-2026-3910），安全专家建议企业IT团队必须立即修补。谷歌已发布紧急补丁，受影响版本为 146.0.7680.75 之前的浏览器。 这两个漏洞中： CVE-2026-3910 允许远程攻击者通过特制HTML页面在沙箱内执行任意代码，源于 Chrome V8 JavaScript 和 W ...

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive information.

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.