InfoQ

Evaluating AI Agents in Practice: Benchmarks, Frameworks, and Lessons Learned

This article introduces practical methods for evaluating AI agents operating in real-world environments. It explains how to ...
Analytics Insight

PDF vs CSV Financial Data Extraction: Choosing the Right Approach

If you’re wrangling financial data, the choice between PDF and CSV formats can seriously impact your workflow. PDFs look sharp and preserve layouts, but they tr ...
Cybernews

Malicious campaign targeting vulnerable OpenWebUI servers: technical analysis

During an investigation into exposed OpenWebUI servers, the Cybernews research team identified a malicious campaign targeting vulnerable OpenWebUI servers with cryptocurrency miners and Info Stealers.

医疗机器人系统网络钓鱼攻击链分析与防御架构重构

随着医疗信息化与智能化程度的不断加深,以达芬奇手术系统(da Vinci Surgical System)为代表的医疗机器人已深度嵌入现代外科手术流程。然而,2026年3月发生的针对直觉外科公司(Intuitive ...

基于信任链劫持的高级钓鱼攻击机制与防御策略研究

此次攻击并未使用典型的恶意基础设施,而是精心构建了一条包含七个步骤的重定向链条。攻击者利用了包括思科(Cisco)安全邮件网关、Nylas邮件API平台在内的全球知名合法服务作为跳板,结合双重DKIM签名技术确保邮件通过DMARC验证,并利用过期域名的重新注册获取历史信誉,最终将受害者引导至受Cloudflare保护的钓鱼页面。这种攻击手法的核心在于“信任传递”:攻击者不直接建立信任,而是通过劫持 ...
腾讯网

龙虾爆出漏洞,斯坦福OpenJarvis重新定义本地AI Agent,附实测

安全审计一查, 512 个漏洞,其中 8 个是「严重」级别。更离谱的是,有人发现互联网上有超过 2 万个 OpenClaw 实例直接暴露在公网上,API 密钥、OAuth token 全都裸奔。