Aggregator

根据发表在 PNAS 期刊上的一项研究，微塑料污染正通过破坏植物光合作用能力而大幅减少食物供应。由于微塑料无处不在，分析估计 4%-14% 小麦、大米和玉米作物正蒙受损失。随着更多微塑料进入环境，科学家认为情况可能会变得更糟。2022 年全世界有 7 亿人挨饿，微塑料污染可能会在未来二十年让挨饿人数再增加 4 亿。最新研究综合了 157 项研究中逾 3000 项 微塑料对植物影响的观察结果。早先的研究表明，微塑料颗粒能以多种方式伤害植物：阻挡阳光照射到叶子上，破坏植物依赖的土壤。微塑料被植物吸收后会阻塞营养和水通道，诱导出伤害细胞的不稳定分子，释放出有毒化合物，降低光合色素叶绿素的含量。研究人员估计，微塑料使陆地植物的光合作用降低约 12%，海藻光合作用降低约 7%，而海藻是海洋食物网的基础。研究估计亚洲农作物损失最为严重，小麦、大米和玉米的年减产量在 5400 万到 1.77 亿吨之间，占全球损失的一半。欧洲的小麦和美国的玉米也会受到严重冲击。海洋中的微塑料会覆盖藻类，鱼类和海鲜的年损失在 100 万至 2400 万吨之间，这些蛋白质足以养活数千万人。

PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier, in August, and then again in September. [...]

Sony Music told UK regulators that it had to remove more than 75,000 deepfake songs and other material, the latest example of the burgeoning problem of AI-generated false videos, images, and sound that threaten everything from national security to business to individuals.

The post Sony Removes 75,000 Deepfake Items, Highlighting a Growing Problem appeared first on Security Boulevard.

On March 10, 2025, Xitter experienced major service disruptions throughout the day. Users couldn’t access the platform on both mobile apps and the website. Here’s what happened and why it matters. What Happened? X suffered multiple waves of outages starting early Monday morning: First wave: Around 6:00 AM Eastern Time, affecting about 20,000 users Second […]

The post Xitter Hit by Major Cyberattack appeared first on rud.is.

The post Xitter Hit by Major Cyberattack appeared first on Security Boulevard.

虽然利用条件较多，但漏洞影响还是非常广泛的，建议使用相关版本的用户尽快升级安全更新。

虽然利用条件较多，但漏洞影响还是非常广泛的，建议使用相关版本的用户尽快升级安全更新。

虽然利用条件较多，但漏洞影响还是非常广泛的，建议使用相关版本的用户尽快升级安全更新。

Nvidia, подвинься - Apple создала монстра для работы с нейросетями.

CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]

JSON Web令牌（JWT）是一种标准化格式，用于在系统之间发送经过加密签名的JSON数据。

SonarQube Advanced Security includes Software Composition Analysis (SCA) and advanced Static Application Security Testing (SAST) extending SonarQube's core security capability.

The post Announcing SonarQube Advanced Security appeared first on Security Boulevard.

Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year

Analysts weigh in on how democratizing cybersecurity could benefit organizations, particularly SMBs, as threats increase across the landscape.

Американская инициатива может изменить подходы к цифровым валютам во всём мире.

在 COBOL 语言诞生 66 年之后，著名自由软件编译器套装 GCC 15 终于合并了 COBOL 前端。COBOL 是专为商业应用开发的编程语言，即使已经过了 60 多年，COBOL 开发的应用仍然被金融机构广泛使用。GCC 15 合并 COBOL 前端的部分动机是为了把原本为大型机开发的 COBOL 应用迁移到 Linux，以被本地和云端使用。

A vulnerability was found in Mogify Infotech Tinxy Wi-Fi Lock Controller v1 RF, Tinxy Door Lock with Wi-Fi Controller, Tinxy 1 Node 10A and 16A Smart Wi-Fi Switches, Tinxy 2 and 4 and 6 Node Smart Wi-Fi Switches, Tinxy Smart 15 Watts 3 in 1 Square Panel Ceiling Light and Tinxy Smart 8 Watts 3 in 1 Round Panel Ceiling Light. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information. This vulnerability is uniquely identified as CVE-2025-2189. It is possible to launch the attack on the physical device. There is no exploit available.

Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet," security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with

The use of AI coding assistants is on the rise, and while they can juice a developer's productivity, they also threaten the quality and security of software development, a recent study analyzing millions of lines of code has found.

The post Generative AI software development boosts productivity — and risk appeared first on Security Boulevard.