From breaking news to key moments, people around the world have been able to access important content and news through YouTube. As President Trump begins his fourth year in office, YouTube continues this tradition. Like we have in the past, YouTube wil…
How YouTube supports elections
As the 2020 election season kicks into high gear in the United States, people will visit YouTube to learn about the candidates and watch the election season unfold. Over the last few years, we’ve increased our efforts to make YouTube a more reliable so…
[org.springframework:spring-webmvc] RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header in the response w…
YouTube Originals announces new documentary, “Coachella: 20 Years in the Desert." Premieres March 31.
In celebration of Coachella’s 20th anniversary, YouTube Originals is partnering with Coachella Valley Music and Arts Festival for a feature-length documentary, “Coachella: 20 Years in the Desert.” It is set to premiere March 31. The announcement comes …
Better protecting kids’ privacy on YouTube
Last September, we announced a series of changes to better protect kids and their privacy on YouTube and to address concerns raised by the U.S. Federal Trade Commission (FTC). Specifically, that all creators will be required to designate their content …
Mac Pro向けの新アクセサリのカラーは黒とシルバー
これまでずっと、Appleのキーボードとマウスの色は白とシルバーでの仕上げでした。しかし、iMac …
[omniauth_amazon] Backdoor / Malicious code
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Users of an affected version should consider downgrading to the last non-affected version of 1.6.9, or upg…
アップル製品値上げの可能性? 米国による10%の対中制裁関税の影響で
米中貿易戦争はまだ続いています。事態が沈静化するまでにはまだ時間がかかるでしょうが、不幸にも米大統領…
[invenio-records] Cross-site scripting invenio-records
Cross-Site Scripting (XSS) vulnerability in administration interface
Impact
A Cross-Site Scripting (XSS) vulnerability was discovered when rendering JSON for a record in the administration interface. The vulnerability could be exploited by e.g. a user …
【画像】iPhone XR2、ラベンダーとグリーン色を追加か
最近の報告によると、Appleは今年後半にiPhone XR 2に新しいカラーオプションを導入すると…