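Authors: Alex Cloud, Minh Le, James Chua, Jan Betley, Anna Sztyber-Betley, Jacob Hilton, Samuel Marks, Owain Evans
Translator: Knownsec 404 Lab translation team
Original link: https://arxiv.org/html/2507.14805v1
Abstract
We study a phenomenon called "subliminal learning", in which language models can...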
A vulnerability was found in Medtronic MyCareLink Patient Monitor 24950 and MyCareLink Patient Monitor 24952. It has been classified as critical. Affected is an unknown function. The manipulation leads to empty password in configuration file.
This vulnerability is tracked as CVE-2025-4395. It is possible to launch the attack on the physical device. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Medtronic MyCareLink Patient Monitor 24950 and MyCareLink Patient Monitor 24952 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information.
The identification of this vulnerability is CVE-2025-4394. It is possible to launch the attack on the physical device. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 18.0.4/18.1.2/18.2.0. This affects an unknown part. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2025-1299. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 18.0.4/18.1.2/18.2.0. Affected by this issue is some unknown functionality of the component Service Desk Email Address Handler. The manipulation leads to incorrect authorization.
This vulnerability is handled as CVE-2025-0765. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as problematic was found in GitLab Enterprise Edition up to 18.0.4/18.1.2/18.2.0. Affected by this vulnerability is an unknown functionality of the component Duo Response Handler. The manipulation leads to exposure of sensitive information due to incompatible policies.
This vulnerability is known as CVE-2025-4976. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as problematic has been found in rennf93 fastapi-guard up to 3.0.1. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity.
This vulnerability is tracked as CVE-2025-54365. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in bitnamicharts. It has been rated as problematic. This issue affects some unknown processing of the file /opt/bitnami/*/secrets. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE-2025-41240. The attack may be initiated remotely. There is no exploit available.
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.0.4/18.1.2/18.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component API. The manipulation leads to insufficient granularity of access control.
This vulnerability was named CVE-2025-7001. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Kaltura Video Platform up to 11.1.0-1. It has been classified as critical. This affects the function redirectWidgetCmd of the component keditorservices. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2016-15044. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.