Aggregator

5月15日，我们北京见，欢迎报名！

Steam и западные издатели балансируют на грани блокировки из‑за персональных данных.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Palo Alto Networks PAN-OS, tracked as CVE-2026-0300 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is a buffer […]

A vulnerability classified as critical has been found in Google Chrome. The impacted element is an unknown function of the component Blink. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2026-7896. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been rated as critical. The affected element is an unknown function of the component WebRTC. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2026-8016. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Google Chrome. Affected is an unknown function of the component WebRTC. This manipulation causes use after free. This vulnerability is tracked as CVE-2026-7987. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability has been found in Google Android and classified as problematic. The affected element is an unknown function. Performing a manipulation results in buffer overflow. This vulnerability is identified as CVE-2022-25687. The attack can only be performed from the local network. There is not any exploit available. It is suggested to install a patch to address this issue.

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. Impacted is an unknown function of the component ASF Clip Parser. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2022-25687. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability marked as problematic has been reported in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. This issue affects some unknown processing of the component Modem Module. This manipulation causes denial of service. This vulnerability is tracked as CVE-2022-25685. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. This vulnerability affects unknown code of the component Modem UIM. The manipulation results in memory corruption. This vulnerability is identified as CVE-2022-25682. The attack is only possible with local access. There is not any exploit available. The affected component should be upgraded.

五大出版商 Hachette、Macmillan、McGraw Hill、Elsevier 和 Cengage 以及作家 Scott Turow 起诉 Meta 公司及其 CEO 扎克伯格(Mark Zuckerberg)，指控扎克伯格个人授权和积极鼓励大规模版权侵犯，使用盗版图书、期刊论文和网络抓取的资料训练 Meta 公司的 Llama AI 系统。Meta 否认有任何不当行为，表示将应诉，称法院已认定使用受版权保护的材料训练 AI 属于合理使用。用版权材料训练 AI 可能是合理使用，但 Meta 使用了非法手段获取了版权材料。起诉书称，为了赢得 AI 军备竞赛并构建一个功能完善的生成式 AI 模型，Meta 和扎克伯格遵循了其“快速行动打破常规”的信条，首先从盗版网站非法下载了数百万本受版权保护的书籍和期刊文章，未经授权抓取了几乎整个互联网的内容，构成了历史上最大规模的版权侵权之一。

A vulnerability was found in Linux Kernel up to 6.6.135/6.12.82/6.18.23/6.19.13 and classified as critical. This affects the function s3fwrn82_uart_read. Executing a manipulation can lead to buffer overflow. This vulnerability is registered as CVE-2026-43098. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.19.13. This issue affects the function mshv_handle_gpa_intercept of the component mshv. Such manipulation leads to denial of service. This vulnerability is referenced as CVE-2026-43096. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 6.19.13 and classified as critical. Affected by this issue is the function hv_pci_probe in the library lib/idr.c. Performing a manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2026-43097. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

И сделал это с помощью ИИ.

美国国家海洋和大气管理局（NOAA）位于夏威夷 Mauna Loa 的天文台纪录到四月二氧化碳平均浓度为创纪录的 431 ppm。气候变化非营利组织 Climate Central 的气候学家 Zachary Labe 表示，这一纪录令人沮丧但并不出人意料，表明随着地球持续变暖大气二氧化碳浓度不断增加。他解释说，大气中二氧化碳含量通常在每年四月达到峰值，因为冬季过后腐烂的植物会释放温室气体。部分二氧化碳会在温暖月份植物生长过程中重新吸收。但 NOAA 的数据显示显示了一个令人担忧的趋势，二氧化碳月平均浓度在持续上升。