Aggregator

NASA、NOAA 和 Solar Cycle Prediction Panel 周二宣布，太阳活动进入极大期，预计会持续到明年。太阳周期是太阳在高低磁场活动之间转变的自然周期，一个周期平均约 11 年。在太阳磁场活动的高峰期，磁极会发生翻转，这相当于地球南北磁极互换。在太阳活动极小期，其表面几乎没有黑子；而在极大期，黑子会大量出现。2024 年 5 月，太阳耀斑持续爆发，日冕物质抛射 (CME) 向地球发射带电粒子云和磁场，形成了 20 年以来地球最强的地磁风暴，产生了可能也是过去 500 年有记录以来最强的极光。科学家预计，太阳活动高峰期将持续一年左右，之后太阳将进入活动的低谷。

Cassini – последняя миссия центра Льюиса и толчок для новых открытий.

A vulnerability, which was classified as very critical, was found in SUSE Rancher up to 2.7.13/2.8.4. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2023-22650. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

台积电市值再触万亿美元；微信宣布小程序翻译功能上线；文远知行发布全新量产 Robotaxi 车型。

A vulnerability, which was classified as problematic, has been found in paytiumsupport Paytium Plugin up to 4.3.7 on WordPress. This issue affects the function create_mollie_profile. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2023-7294. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in paytiumsupport Paytium Plugin up to 4.3.7 on WordPress. This vulnerability affects the function check_mollie_account_details. The manipulation leads to missing authorization. This vulnerability was named CVE-2023-7293. The attack can be initiated remotely. There is no exploit available.

Брешь в безопасности мессенджера позволяет узнать ОС и устройства собеседника.

A vulnerability classified as problematic has been found in File Manager Pro Plugin up to 8.3.9 on WordPress. This affects the function mk_file_folder_manager_shortcode of the component Shortcode Handler. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-8746. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in SolarWinds Serv-U up to 15.4.2 HF2. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-45714. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in SolarWinds Platform up to 2024.2.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Edit Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-45715. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in SolarWinds Platform up to 2024.2.1. It has been classified as critical. Affected is an unknown function. The manipulation leads to uncontrolled search path. This vulnerability is traded as CVE-2024-45710. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in WooCommerce Product Vendors Plugin up to 2.0.35 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation of the argument vendor_description leads to cross site scripting. The identification of this vulnerability is CVE-2017-20193. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in sekler Mapplic Plugin and Mapplic Lite Plugin on WordPress and classified as critical. This vulnerability affects unknown code of the component SVG File Handler. The manipulation leads to server-side request forgery. This vulnerability was named CVE-2012-10018. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in blindsidenetworks BigBlueButton Plugin up to 3.0.0-beta.4 on WordPress. This affects an unknown part. The manipulation of the argument moderator code/viewer code leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-7296. It is possible to initiate the attack remotely. There is no exploit available.

As organizations and their volume of Microsoft 365 data grow, protecting sensitive data and managing access has become even more important. The need for strong security and governance practices is only intensified as more organizations leverage powerful AI tools like Microsoft 365 Copilot. Rubrik announces Rubrik Data Security Posture Management (DSPM) for Microsoft 365 Copilot to provide greater visibility and control of sensitive data, reduce the risk of exposure, and empower organizations to securely adopt … More →

The post Rubrik DSPM for Microsoft 365 Copilot reduces the risk of sensitive data exposure appeared first on Help Net Security.

New government grants for AI safety research are designed to fund work into deepfakes and other cyber risks

为国家数字经济高质量发展持续保驾护航