Aggregator

今天推送安全与新兴技术研究中心的人工智能在军事决策中的应用分析报告：用于军事决策的人工智能。

今天给大家推送“新美国”智库有关脑机接口（BCI）技术发展与应用分析报告：神经科技的崛起及其对我们脑数据的风险。

今天推送安全与新兴技术研究中心的人工智能在军事决策中的应用分析报告：用于军事决策的人工智能。

今天给大家推送“新美国”智库有关脑机接口（BCI）技术发展与应用分析报告：神经科技的崛起及其对我们脑数据的风险。

今天推送安全与新兴技术研究中心的人工智能在军事决策中的应用分析报告：用于军事决策的人工智能。

今天给大家推送“新美国”智库有关脑机接口（BCI）技术发展与应用分析报告：神经科技的崛起及其对我们脑数据的风险。

A vulnerability was found in Google Chrome. It has been rated as critical. This issue affects some unknown processing of the component V8 API. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-4059. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Metagauss RegistrationMagic Plugin up to 5.1.9.2 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-23989. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Foliovision FV Flowplayer Video Player Plugin up to 7.5.44.7212 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to open redirect. This vulnerability was named CVE-2024-32078. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Crocoblock JetFormBuilder Plugin up to 3.1.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2023-48763. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in AlumniOnline Web Services WP ADA Compliance Check Basic Plugin up to 3.1.3 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-32947. The attack may be launched remotely. There is no exploit available.

The Health Sector Coordinating Council is urging the Trump administration to drop work on a proposed HIPAA security rule update and instead engage in a collaborative dialogue with healthcare sector leaders to create alternative cyber requirements, said Greg Garcia, executive director of HSCC.

Incentives, Technology Barriers and Fraud Fears Hamper FedNow Growth
Economic hesitation, legacy concerns and escalating fraud fears have hampered the adoption of a payment rail touted as the next big thing in the U.S. payment landscape, with government backing and technological promise of clear benefits to consumers and the financial sector.

Also: Gootloader Malware, GCHQ Intern Pleads Guilty, Check Point Breach Update
This week, a "Fast Flux" warning, Gootloader malware, an GCHQ intern pleaded guilty to stealing top secret data and Check Point undercuts hacking claim. Also, Google rolled out end-to-end encryption for some Gmail users, Apple backported patches and Dutch prosecutors cut internet access.

European Commission Demands Law Enforcement Access to Data
The European Commission’s ProtectEU strategy aims to overhaul internal security, proposing law enforcement access to encrypted data by 2026 and a roadmap to explore lawful encryption backdoors and enhanced intelligence-sharing between EU member states and agencies to combat rising cyber threats.

11 Cyber Stocks Fared Worse Than the Nasdaq Thursday After Trump Announced Tariffs
Cybersecurity vendors took Thursday's sell-off hard, with Cloudflare, Fortinet and SailPoint experiencing big stock price drops after President Trump announced higher-than-expected tariffs. Eleven publicly traded cybersecurity firms fared worse than the Nasdaq while 12 companies fared better.

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection

Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)

Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)

International cooperation, reporting, and capacity building are critical to enhance cybersecurity defenses. Effective governance in an increasingly risky landscape requires visibility as well as coordinated vulnerability disclosure.