白帽黑客公开 Windows 零日漏洞,微软强硬回应引争议
白帽黑客接连曝光六个Windows高危漏洞,微软严厉回应引发行业对“负责任披露”规则的激烈争议。
IT之家 5 月 31 日消息,Windows 是全球使用范围最广的操作系统,它和微软旗下云服务 Azure 频频成为黑客攻击与漏洞利用的目标。 据IT之家了解,为应对网络攻击,微软长期和各类安全研究员(也就是常说的白帽黑客)展开合作。这些研究员会检测微软系统的安全防护体系,并上报发现的问题。为此微…
GitHub bans security researcher who posted zero-day Windows exploits
GitHub封禁发布Windows零日漏洞的安全研究员,引发对平台政策和安全研究边界的争议
Article URL: https://www.tomshardware.com/tech-industry/cyber-security/microsofts-github-bans-security-researcher-who-posted-zero-day-windows-exploits…
Dirty Frag: a kernel zero-day vs. container and microVM sandboxes
两个Linux内核零日漏洞CVE-2026-43284/43500,让非特权用户轻松获取root权限,微软已确认在野利用,容器和微VM沙箱面临严峻考验。
On May 7, Hyunwoo Kim (V4bel) disclosed Dirty Frag — two Linux kernel vulnerabilities (CVE-2026-43284 and CVE-2026-43500) that give unprivileged users…
Google publishes exploit code threatening millions of Chromium users
Google主动公开Chromium高危漏洞利用代码,数百万用户面临安全风险
Google publishes exploit code before patch, reported 29 months earlier, is fixed.
Zero-Day Exploit Against Windows BitLocker
Windows BitLocker曝零日漏洞YellowKey,只需物理接触即可绕过TPM加密,企业用户务必警惕物理访问安全
It’s nasty , but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who …