Aggregator

2026阿里白帽大会 - Kaminsky重现：重新思考DNS辖区原则实现的安全性

好，我现在要帮用户总结这篇文章的内容。用户的要求是用中文，控制在100字以内，不需要特定的开头，直接写描述。首先，我需要仔细阅读文章内容，抓住关键信息。 文章主要讲的是OpenAI收购了Hiro Finance。Hiro是一个人工智能个人理财初创公司，创始人伊桑·布洛赫在周一宣布了这个消息。Hiro得到了一些顶级风投的支持，但收购的具体条款和融资金额没有披露。Hiro将在4月20日停止运营，并在5月13日删除所有数据，媒体称这是“人才收购”。公司成立于2023年，推出了AI工具帮助用户做财务规划。 接下来，我需要把这些信息浓缩到100字以内。重点包括：收购方OpenAI、被收购方Hiro Finance、时间点、风投支持、运营停止和数据删除的时间、以及Hiro的功能。 可能会忽略一些细节，比如具体的风投公司名字和融资金额，因为这些不是最关键的。主要目的是让读者快速了解发生了什么。 最后，确保语言简洁明了，直接描述内容，不使用“文章总结”之类的开头。 OpenAI收购人工智能理财初创公司Hiro Finance。Hiro由伊桑·布洛赫创立于2023年，提供AI驱动的财务规划工具，并于近期停止运营并删除数据。此次收购被视为“人才收购”。

In this Help Net Security video, Jim Alkove, CEO of Oleria, walks through where zero trust programs typically stand one to two years in. Most organizations have made gains in endpoint security and network segmentation, but identity remains the stubborn problem. Identity sprawl, legacy system exceptions, and workforce friction each contribute to stalls that few programs anticipated. Alkove then turns to a challenge most teams are not prepared for: AI agents operating at scale. A … More →

The post Zero trust at year two: What nobody planned for appeared first on Help Net Security.

A vulnerability, which was classified as problematic, was found in AMD CPU. Impacted is an unknown function of the component SMT Module. The manipulation results in information disclosure. This vulnerability is known as CVE-2022-27672. It is possible to launch the attack remotely. No exploit is available.

A vulnerability labeled as critical has been found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Common Log File System Driver. Such manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-36424. An attack has to be approached locally. Furthermore, there is an exploit available. A patch should be applied to remediate this issue.

A vulnerability, which was classified as problematic, was found in Easy Appointments Plugin up to 3.11.18 on WordPress. Affected is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-2842. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Easy Appointments Plugin up to 3.11.18 on WordPress and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to improper authorization. This vulnerability is handled as CVE-2024-2844. The attack can be executed remotely. There is not any exploit available.

A vulnerability labeled as critical has been found in Button Plugin up to 1.1.28 on WordPress. Affected is the function button_shortcode. The manipulation results in code injection. This vulnerability is identified as CVE-2024-1872. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in Lightbox Slider Plugin up to 1.9.9 on WordPress. Affected by this vulnerability is an unknown functionality. This manipulation causes code injection. This vulnerability is tracked as CVE-2024-1858. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as problematic has been identified in Ninja Forms Contact Form Plugin up to 3.8.0 on WordPress. Affected by this issue is some unknown functionality. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2024-2108. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as critical was found in WP ERP Plugin up to 1.12.9 on WordPress. This vulnerability affects unknown code. Executing a manipulation can lead to sql injection. This vulnerability is registered as CVE-2024-0608. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, was found in WP ERP Plugin up to 1.12.9 on WordPress. Impacted is an unknown function. The manipulation results in sql injection. This vulnerability is reported as CVE-2024-0956. The attack can be launched remotely. No exploit exists.

A vulnerability was found in WP ERP Plugin up to 1.12.9 on WordPress. It has been declared as critical. This impacts an unknown function. Executing a manipulation can lead to sql injection. This vulnerability is handled as CVE-2024-0913. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in wedevs WP ERP Plugin up to 1.12.9 on WordPress. It has been classified as problematic. This vulnerability affects unknown code. This manipulation of the argument api_key causes cross site scripting. This vulnerability appears as CVE-2024-0609. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in kstover Ninja Forms Contact Form Plugin up to 3.8.0 on WordPress. It has been rated as problematic. Impacted is the function nf_download_all_subs. Performing a manipulation results in cross-site request forgery. This vulnerability is known as CVE-2024-2113. Remote exploitation of the attack is possible. No exploit is available.

好，我需要帮用户总结这篇文章。用户要求控制在100字以内，不要用“文章内容总结”之类的开头，直接描述内容。 首先，文章讲的是微软的Omar Shahine团队在探索将开源AI OpenClaw引入365 Copilot。目标是让AI智能体全天候自主运行，处理复杂任务而不需要用户每次都下指令。 然后，CEO纳德拉把重组Copilot列为优先事项，高管汇报线直接到他那里。功能上，Copilot希望在后台持续运行，主动处理任务，不只是被动回应用户提问。 具体例子包括监控Outlook邮件和日历，在每天开始时自动生成待办事项建议；在Excel中同步整理其他标签页的内容。 总结的时候要涵盖这些关键点：团队、目标、AI功能、主动处理任务、具体例子。 现在把这些浓缩到100字以内。确保信息完整但简洁。 微软团队探索将开源AI技术引入365 Copilot，目标是打造全天候自主运行的AI智能体。Copilot将主动处理复杂任务，在后台持续监控邮件、日历，并自动生成待办事项建议，在Excel中同步整理内容。

Как разведка заранее проверила все слабые места соседей.

Cyber Security Engineer/Application Security Specialist Tecnots | India | On-site – View job details As a Cyber Security Engineer/Application Security Specialist, you will integrate security into the SDLC, perform application security reviews, and support secure APIs, authentication, and data protection. You will embed security into CI/CD pipelines using SAST and DAST, enforce secure coding practices, and support remediation. You will secure cloud and on-prem environments, including Microsoft Azure, manage IAM and access controls, and handle … More →

The post Cybersecurity jobs available right now: April 14, 2026 appeared first on Help Net Security.