Aggregator

嗯，用户让我总结一篇文章的内容，控制在100字以内，而且不需要特定的开头。我得先看看文章内容。文章标题是“环境异常”，内容提到当前环境异常，完成验证后可以继续访问，并有一个“去验证”的链接。 首先，我需要确定文章的主题。看起来是关于网络或系统环境出现异常的情况，用户需要进行验证才能继续使用。这可能涉及到安全验证或者身份验证。 接下来，我要提取关键信息：环境异常、完成验证、继续访问、去验证链接。这些是主要内容点。 然后，我需要用简洁的语言把这些点组合起来，控制在100字以内。可能的结构是：描述问题（环境异常）、解决方法（完成验证）、结果（继续访问）、行动呼吁（点击链接）。 最后，检查是否符合用户的要求：不使用特定开头，直接描述内容，控制字数。确保语言流畅自然。 当前网络环境出现异常状态，需完成验证流程后方可继续访问相关内容或服务。

少数派 Matrix 社区重启周报并新增内容与投稿，聚焦冬季火锅搭子话题及科技、生活热议。

Telegram заменяет СМС-коды на ключи доступа.

A vulnerability was found in Linux Kernel up to 6.1.15/6.2.2 and classified as critical. Affected is the function pci_bus_insert_busn_res. Such manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2023-53814. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.0.2 and classified as critical. Affected by this issue is the function direct_mutex in the library ftrace-direct-modify.ko of the component ftrace. Performing manipulation results in deadlock. This vulnerability is known as CVE-2022-50648. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

速修复

问题根源仍不清晰

由于环境异常，用户需完成验证后才能继续访问。

好的，用户让我总结一下这篇文章的内容，控制在一百个字以内，而且不需要特定的开头。首先，我需要理解文章的主题。看起来文章提到“环境异常”，并且建议完成验证后可以继续访问。还有“去验证”的链接。 接下来，我要确定用户的需求是什么。他们可能是在访问某个网站或服务时遇到了问题，需要快速了解情况。所以总结的时候要简洁明了，直接说明问题和解决方法。 然后，我要考虑如何在有限的字数内准确传达信息。重点是环境异常导致无法访问，需要完成验证才能继续。所以我会用简短的句子来表达这一点。 最后，检查一下是否符合用户的要求：一百字以内，没有特定的开头，直接描述内容。确保信息准确无误，并且易于理解。 当前环境出现异常问题，需完成验证后方可继续访问。

网络安全研究人员发现两个伪装成深色主题和AI助手的恶意VS Code扩展程序，它们窃取开发者敏感数据并发送至攻击者服务器。微软已移除相关恶意扩展及同名包。

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take

Устройство за €30–60, которое админы подключают к серверам ради удобства, оказалось способно тайно записывать звук и сливать трафик в Китай.

A vulnerability has been found in Linux Kernel up to 6.17.10 and classified as critical. This impacts the function xsk_cq_submit_addr_locked of the component xsk. The manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2025-40290. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.58/6.17.8 and classified as critical. Affected by this issue is the function exfat_find. The manipulation results in denial of service. This vulnerability is reported as CVE-2025-40287. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.158/6.6.116/6.12.58/6.17.8. It has been declared as critical. This vulnerability affects the function ttm_resource_manager_usage of the component amdgpu. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-40288. The attack can be executed directly on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.58/6.17.8. Affected by this issue is some unknown functionality of the component amdgpu. The manipulation leads to denial of service. This vulnerability is listed as CVE-2025-40289. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.158/6.6.116/6.12.58/6.17.8. This impacts the function smb2_sess_setup. Such manipulation leads to improper update of reference count. This vulnerability is referenced as CVE-2025-40285. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.158/6.6.116/6.12.58/6.17.8. Affected is the function smb2_read. Performing manipulation results in memory leak. This vulnerability is identified as CVE-2025-40286. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.158/6.6.116/6.12.58/6.17.8. This affects the function mesh_send_done of the component Bluetooth. This manipulation causes use after free. The identification of this vulnerability is CVE-2025-40284. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.