威胁攻击者正在利用 Chrome 浏览器中两个高危 0Day 漏洞（CVE-2026-3909 和 CVE-2026-3910），安全专家建议企业IT团队必须立即修补。谷歌已发布紧急补丁，受影响版本为 146.0.7680.75 之前的浏览器。

威胁攻击者正在利用Chrome浏览器中两个高严重性零日漏洞，专家表示IT团队必须立即修补这些漏洞。 谷歌已为这两个安全漏洞发布紧急补丁，分别为CVE-2026-3909和CVE-2026-3910。这发生在三月补丁星期二发布29个漏洞修复程序几天后，以及二月发布零日补丁之后。受影响的是146.0.7680.75版本之前的浏览器。 这些漏洞利用为信息安全负责人提供了另一个理由，需要确保为所有授权浏览 ...

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s security. This finding highlights the core risks of ...

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive information.

废弃原因：属于非标准遗留特性，参数规则和substring、slice不一致，极易混淆，已被纳入ECMA附录B，仅为兼容旧代码保留，不推荐新代码使用。 废弃原因：语义不统一，标准规范已推出语义更清晰的替代方法，部分新版浏览器已逐步移除支持。 废弃原因：编码 ...

Surf AI, the agentic operations platform for modern security teams, today announced its launch and $57 million in funding to accelerate the development of its AI-native security execution offerings.

A high-severity Chrome vulnerability has allowed malicious extensions to exploit the Gemini panel and gain elevated access to ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Today, monday.com (NASDAQ: MNDY), the AI work platform that turns strategy into execution at scale, announced the filing of its 2025 Annual Report on Form 20-F with the Securities and Exchange ...