xbear (general user)
-
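Large Model Security: An Introduction to and Analysis of the Open-Source Guardrails Framework
OpenGuardrails is the first fully open-source, enterprise-grade safety guardrail platform for large language models, supporting 119 languages, a unified LLM architecture, configurable sensitivity policies, and multi-cloud deployment. This report analyzes in depth its core technical innovations, application scenarios, deployment models, performance benchmarking, and future development, providing security and compliance guidance for AI applications in regulated industries such as finance, healthcare, and law. By analyzing OpenGuardrails' configurable policies, efficient model design, and production-grade infrastructure, it shows where the next generation of AI safety guardrails is heading.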
-
Open Source Software Grafana Platform SQL Injection High Risk Vulnerability
An injection vulnerability exists in the open source software Grafana. An attacker can send a POST request to the /api/ds/query API and modify the "rawSql" field to execute a malicious SQL string, resulting in a time-based blind SQL injection that poses the threat of a database compromise.
-
Malware Extortion Ring LockBit Riddle
The LockBit ransomware-as-a-service (RaaS) operation was the "leading" ransomware threat globally in 2022, with the highest number of targets.
-
Offense for Defense: Ransomware Attacks in Action
This post focuses on the global landscape of ransomware attacks, the current state of the industry, and why attackers favor such attacks. The report points out that losses from ransom attacks mainly stem from business interruption, ransom payment and data leakage, and the amount of losses continues to climb. Domestically, companies are adopting a strategy of dealing with ransom incidents in secret, while regulators have also issued related prevention requirements. The article also describes the development of the ransom attack industry, including the rise of the "ransom-as-a-service" model.
-
15,000 Go module repositories on GitHub are vulnerable to hijacking attacks
New research has found that more than 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "Jacob Baines, CTO of VulnCheck (…
-
The rise and fall of 0day: A review of the year 0day was exploited in 2022
This is Google’s fourth annual review [2021, 2020, 2019] of 0day vulnerabilities exploited in the wild, and is based on the mid-2022 review. The purpose of this report is not to detail each individual vulnerability, but to analyze vulnerabilities throughout the year, looking for trends, gaps, lessons learned, and successes.
-
Alibaba Cloud Zero Trust Practice: Identity and Network Micro-Isolation in Production Networks
Overview: Since Forrester analyst John Kindervag proposed the term "Zero Trust" in 2010, with the rise of the digital economy and remote working, Zero Trust has gradually moved from concept to implementation. As a new generation of network…