Aggregator

文章描述了错误代码521的含义及其常见原因。该错误通常由Cloudflare引发，表示源服务器未能正确响应请求。常见原因包括源服务器过载、配置错误或网络连接问题。

HackerNews 编译，转载请注明出处： 美国联邦多部门正联合支持一项提案，计划禁止TP-Link 家用路由器在美销售，理由是该厂商被指仍与前中国母公司存在紧密关联。 据《华盛顿邮报》报道，美国商务部已正式提出这一禁售建议。消息人士透露，该提案获得了美国国防部、国土安全部及司法部的支持。 指控理由 TP-Link Systems总部位于美国加利福尼亚，最初是从中国本土企业普联技术（TP-Link Technologies）分拆而来。 数据显示，该公司产品占据美国家用路由器市场份额的36%。且由于一些互联网服务提供商会捆绑TP-Link设备，实际份额可能更高。 美国商务部指控的理由有两个： 第一，该公司仍持有原中国母公司在华资产。 第二，路由器设备涉及美国敏感数据处理，或存安全隐患。 此外，据此，商务部怀疑该公司仍受中国政府的管辖或影响。 对此，TP-Link 美国公司明确否认所有指控，并表示过去三年已与中国母公司完成彻底拆分。 公司发言人里卡・西尔维里奥在声明中强调：“TP-Link 坚决驳斥任何有关其产品对美国国家安全构成威胁的说法，我们作为一家美国企业，始终致力于为美国及全球市场提供高品质、安全可靠的产品。” 未来走向 目前，该提案仍需美国商务部最终签署生效，且不排除被否决的可能。 近期，中美两国领导人会晤后，双方达成了为期一年的贸易休战协议。 或许正因如此，《华盛顿邮报》指出，提案中预留了协商空间：TP-Link 美国公司可通过提交一份令政府满意的解决方案，来避免禁令生效。美方的核心诉求是获得明确保证：产品的关键软硬件研发过程，不得受到中国方面的任何影响。 这一情节与 TikTok 的命运轨迹颇为相似。TikTok 的母公司字节跳动总部位于中国，此前特朗普政府在获得国家安全相关承诺后，允许该应用继续在美国运营，中国方面也已批准相关协议；此外，TikTok 还需将其核心算法复制后，利用美国用户数据重新训练。 根据美国相关法律，若商务部长认定某款受外国影响的技术存在安全风险，商务部有权提出风险缓解方案。但在 TP-Link 一案中，官员们认为，除全面禁售外，任何缓解措施都无法达到安全要求。     消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

KDE Plasma 6.5 has become one of the most significant updates in recent years for Linux users. The developers

The post Turning Point: KDE Plasma 6.5.1 Arrives, Fixing Dozens of Bugs to Welcome New Linux Users appeared first on Penetration Testing Tools.

In September and October, researchers at Arctic Wolf Labs uncovered a new wave of cyber-espionage targeting the diplomatic

The post Diplomatic Spies: Chinese APT UNC6384 Targets NATO Hosts with PlugX Malware appeared first on Penetration Testing Tools.

The American company Ribbon Communications has reported a major cyberattack on a telecommunications network that compromised both its

The post Telecom Spies: Ribbon Communications Breached in 9-Month State-Sponsored Espionage Attack appeared first on Penetration Testing Tools.

嗯，用户让我总结这篇文章的内容，控制在100字以内，而且不需要用“文章总结”之类的开头。首先，我得通读整篇文章，抓住主要观点。 文章讲的是自学语言的优缺点，优点是自由和兴趣导向，缺点是弯路多、效率低。作者还提到自学的一个独特优势：学习如何学习语言，也就是掌握元知识。接着，他讨论了三个关键点：重复、注意和组块。 重复的重要性在于对抗遗忘和纠正错误；注意是提醒我们要有意识地关注语言形式；组块则是帮助我们更高效地表达和理解。这些都是提升语言学习效果的关键方法。 所以，我需要把这些要点浓缩到100字以内，确保涵盖主要观点，同时语言简洁明了。 文章探讨了自学语言的优缺点及提升方法。自学虽自由但效率低，需掌握「元知识」以优化学习。文章提出三个关键点：重复对抗遗忘与错误固化；注意提醒主动关注语言形式；组块帮助形成稳定表达框架。这些方法可提升语言学习效果。

A coalition of more than thirty human rights, consumer protection, and child advocacy organizations has urged the U.S.

The post Privacy Alarm: Coalition Urges FTC to Halt Meta’s Plan to Use Private AI Chats for Ads appeared first on Penetration Testing Tools.

今天给大家分享一些美国政府、企业和NGO机构的邮箱后缀。

A researcher operating under the handle rogueFed covertly joined a closed online briefing hosted by Cellebrite and leaked

The post The Leak: Cellebrite Matrix Reveals GrapheneOS Protects Pixels Against Data Extraction appeared first on Penetration Testing Tools.

Hacktivists have infiltrated Canada’s critical infrastructure systems, altering control parameters across several facilities — actions that authorities warn

The post Hacktivist Warning: Canadian Critical Infrastructure Breached, Control Parameters Altered appeared first on Penetration Testing Tools.

Several U.S. government agencies have expressed support for a Commerce Department initiative exploring a potential ban on TP-Link

The post U.S. Interagency Consultations Target TP-Link Ban Over Suspected China Ties appeared first on Penetration Testing Tools.

Google has released new data detailing the performance of Android’s built-in protection systems designed to combat fraudulent calls

The post AI Shield: Android Blocks 10 Billion Scams Monthly as Job Offers & Financial Fraud Surge appeared first on Penetration Testing Tools.

A vulnerability was found in Linux Kernel up to 6.15.3. It has been rated as problematic. The impacted element is the function truncate_inode_partial_folio of the file /mnt/foo of the component ext4. Performing manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2025-38221. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability described as critical has been identified in Linux Kernel up to 6.6.94/6.12.34/6.15.3. This issue affects the function ext4_dirty_journalled_data of the component ext4. Executing manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2025-38220. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.15.3. It has been declared as critical. This vulnerability affects the function build_sit_entries. The manipulation results in denial of service. This vulnerability is reported as CVE-2025-38218. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability marked as problematic has been reported in Linux Kernel up to 6.15.3. This vulnerability affects the function i_nlink of the file fs/inode.c. Performing manipulation results in privilege escalation. This vulnerability is known as CVE-2025-38219. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.94/6.12.34/6.15.3/6.16-rc2. The affected element is the function fts_read of the component hwmon. The manipulation results in race condition. This vulnerability was named CVE-2025-38217. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.34/6.15.3. Affected is the function spi_master. Such manipulation leads to privilege escalation. This vulnerability is listed as CVE-2025-38216. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.3. It has been declared as critical. This impacts the function fb_add_videomode of the component fbdev. Executing manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-38214. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.94/6.12.34/6.15.3. It has been declared as critical. Affected by this issue is the function fb_add_videomode of the component fbdev. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38215. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.