Aggregator

Kickstarter 将就失败的项目警告用户

Solidot
10 months ago
众筹平台 Kickstarter 将开始就项目面临重大履行失败违反平台规则时通知其支持者,通知还提供它的应对之策,包括限制发起人发起未来的项目。此次更新是 Kickstarter 计划今年推行的一系列变革的一部分,旨在增强支持者的体验和构建社区信任。Kickstarter 一直面临着欺骗和项目在筹集数千美元或数百万美元后关闭的问题,这一改变为支持者提供更多的透明度。但很多人指出项目失败难以清晰的定义,比如《Star Citizen》项目的交付时间早就过了,但仍然在开发,而发布日期未知,它属于失败的众筹项目吗?

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

The Hackers News
10 months ago
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy
The Hacker News

Tumblr 将在后端迁移到 WordPress 后加入联邦宇宙

Solidot
10 months ago
Tumblr 母公司 Automattic 去年宣布将该轻博客平台的后端迁移到 WordPress。Automattic 强调 Tumblr 不会变成 WordPress,它只是运行在 WordPress 之上,用户不会有体验上的差异。此举允许公司构建适用于两种服务的工具和功能,允许 Tumblr 利用 WordPress.org 的开源开发成果。Automattic 没有披露后端迁移何时完成迁移,但该公司披露一旦完成 Tumblr 将能通过 ActivityPub 协议加入联邦宇宙平台。支持 ActivityPub 协议的平台包括了 Mastodon、Threads、Flipboard 等。通过支持 ActivityPub 不同平台之间能实现互操作。

It’s time to secure the extended digital supply chain

Help Net Security
10 months ago

Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization of the cloud has only exacerbated this challenge. Companies are rapidly increasing the number of cloud-based services they rely upon, often without fully understanding how they connect to their broader network. How regulations are piling on … More →

The post It’s time to secure the extended digital supply chain appeared first on Help Net Security.

Help Net Security

Managed ad