Aggregator

暗能量巡天绘制出迄今最大的高分辨率 3D 宇宙地图

Solidot
3 days 1 hour ago
暗能量光谱仪(Dark Energy Spectroscopic Instrument, DESI)为期五年的暗物质巡天绘制出迄今最大的高分辨率 3D 宇宙地图。DESI 安装于美国亚利桑那州 Kitt Peak 国家天文台的 Nicholas U Mayall 4 米望远镜上,搭载可同时观测 5000 个天体光谱的系统,透过量测星系与类星体的红移重建 3D 宇宙分布。DESI 早期资料显示暗能量可能随时间演变,而非固定不变的宇宙学常数。该结果若被完整五年资料证实,将意味着现有宇宙学模型需要修正,甚至可能牵动对基本物理定律的重新理解。目前 DESI 已测量的星系与类星体数量达到过去所有观测总和的六倍,最终累积超过 4700 万个星系与类星体,以及约 2000 万颗恒星,提供前所未有的统计精度,使宇宙在不同时期的膨胀速率与星系分布差异得以被量测,进而检验暗能量是否随时间改变。

CVE-2026-2986 | ajay Contextual Related Posts Plugin up to 4.2.1 on WordPress other_attributes cross site scripting (EUVD-2026-23674)

VulDB Recent Entries
3 days 2 hours ago
A vulnerability was found in ajay Contextual Related Posts Plugin up to 4.2.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument other_attributes results in cross site scripting. This vulnerability is cataloged as CVE-2026-2986. The attack may be launched remotely. There is no exploit available.
vuldb.com

Apple Works on Fix for iPhone Passcode Bug Linked to Missing Czech Keyboard Character

Cyber Security News
3 days 2 hours ago

Apple is reportedly developing a software fix for a frustrating iOS 26 bug that has left some users entirely locked out of their iPhones for months. According to a recent report by The Register, Cupertino’s software engineers are scrambling to patch a keyboard interface flaw that inadvertently removed a specific special character necessary for unlocking […]

The post Apple Works on Fix for iPhone Passcode Bug Linked to Missing Czech Keyboard Character appeared first on Cyber Security News.

Dhivya

Researcher Uses Claude Opus to Build a Working Chrome Exploit Chain

Cyber Security News
3 days 3 hours ago

Amidst the heated debate surrounding Anthropic’s recent announcement of its Mythos and Project Glasswing models, a security researcher has demonstrated the tangible cybersecurity implications of frontier AI. Moving beyond theoretical warnings, the researcher successfully utilized Claude Opus to construct a fully functional exploit chain targeting Google Chrome’s complex V8 JavaScript engine. The experiment highlights a […]

The post Researcher Uses Claude Opus to Build a Working Chrome Exploit Chain appeared first on Cyber Security News.

Dhivya

從逆向工程重新認識 AI 的強大

Huli's blog
3 days 3 hours ago

之前寫過一篇感謝 AI 讓我這外行人也能做簡單的逆向工程,描述了我怎麼結合 AI agent 跟 ghidra MCP,去逆向一個 Golang binary(stripped),就算結果有點小錯誤,但整體方向都是對的。

過了快兩個月,這中間我拿 AI 去逆向了更多東西,更多我以為 AI 逆不出來的東西,但 AI 狠狠地打了我的臉,我才是無知的那個。

這篇記錄一下 AI 能做到的事情,最後聊聊這件事讓我對 AI 的看法有了怎樣的改變。

Huli

Healthcare Cyber Research Programs Escape Budget Knife

Ransomware DataBreachToday.com
3 days 3 hours ago
UPGRADE and DigiSeals Programs at ARPA-H Remain Fully Funded
A U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Finance Chiefs Warn New AI Models May Rattle Global Banking

Ransomware DataBreachToday.com
3 days 3 hours ago
Officials Warned New Models Could Accelerate Cyber Risks Faster Than Rules
Global finance officials meeting in Washington warned that advanced artificial intelligence models could expose structural weaknesses across banking and payment systems, speeding vulnerability discovery and cyber exploitation faster than regulators can build guardrails.

Scattered Spider Hacker Pleads Guilty in US Federal Court

Ransomware DataBreachToday.com
3 days 3 hours ago
Tyler Buchanan Pleads Guilty to Conspiracy to Commit Wire Fraud and Identity Theft
A senior figure in the Scattered Spider cybercrime group pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft on Friday in US federal district court. The plea marks the conclusion of a digital crime spree by Tyler Robert Buchanan.

微软正式将 FAT32 分区大小从 32GB 增加到 2TB

Solidot
3 days 4 hours ago
微软最近释出了预览版 Windows 11 Insider Preview Build 26300.8170,其中一项变化是将 FAT32 分区大小从 32GB 增加到 2TB。FAT32 分区大小限制在 32GB 是微软开发者随手设置的,几十年来一直没变,导致当存储卡和 U 盘容量超过 32GB 时,用户只能选择 exFAT 或 NTFS。现在微软终于移除了这一限制,但该大小限制仍然只在命令行里移除。

CVE-2026-2505 | elzahlan Categories Images Plugin up to 3.3.1 on WordPress Shortcode z_taxonomy_image cross site scripting (EUVD-2026-23672)

VulDB Recent Entries
3 days 4 hours ago
A vulnerability has been found in elzahlan Categories Images Plugin up to 3.3.1 on WordPress and classified as problematic. Affected by this vulnerability is the function z_taxonomy_image of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-2505. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-0894 | vanderwijk Content Blocks Plugin up to 3.3.9 on WordPress Custom Post Widget content_block cross site scripting (EUVD-2026-23670)

VulDB Recent Entries
3 days 4 hours ago
A vulnerability, which was classified as problematic, was found in vanderwijk Content Blocks Plugin up to 3.3.9 on WordPress. Affected is the function content_block of the component Custom Post Widget. Executing a manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2026-0894. The attack can be launched remotely. No exploit exists.
vuldb.com

拼多多美团等被罚 36 亿

Solidot
3 days 5 hours ago
市场监管总局发表公告,对上海寻梦信息技术有限公司(拼多多)、北京三快科技有限公司(美团)、北京京东叁佰陆拾度电子商务有限公司(京东)、上海拉扎斯信息科技有限公司(原饿了么,现淘宝闪购)、北京抖音科技有限公司(抖音)、浙江淘宝网络有限公司(淘宝)、浙江天猫网络有限公司(天猫)等7家电商平台“幽灵外卖”系列案,依据《中华人民共和国食品安全法》第一百三十一条、《中华人民共和国电子商务法》第八十三条的规定作出行政处罚决定,责令7家电商平台改正违法行为,暂停新增蛋糕店铺 3 至 9 个月不等,并处以罚没款共计 35.97 亿元。同时,依据《中华人民共和国食品安全法实施条例》第七十五条的规定,对 7 家平台企业法定代表人和食品安全总监合计处以罚款 1968.74 万元。其中拼多多被罚 1521930222.91元——即 15.2 亿。

Managed ad