DeepSeek has a free website and mobile app even for U.S. users with an R1-powered chatbot interface similar to OpenAI's ChatGPT.Read More

Jan 24, 2025Ravie LakshmananVulnerability / JavaScriptThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug that could be exploited to achieve arbitrary code execution."Passing HTML containing <option> elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code," according to a GitHub advisory released for the flaw.The problem was addressed in jQuery version 3.5.0 released in April 2020. A workaround for CVE-2020-11023 involves using DOMPurify with the SAFE_FOR_JQUERY flag set to sanitize the HTML string before passing it to a jQuery method.As is typically the case, the advisory from CISA is lean on details about the specific nature of exploitation and the identity of threat actors weaponizing the shortcoming. Nor are there any public reports related to attacks that leverage the flaw in question.That said, Dutch security firm EclecticIQ revealed in February 2024 that the command-and-control (C2) addresses associated with a malicious campaign exploiting security flaws in Ivanti appliances ran a version of JQuery that was susceptible to at least one of the three flaws, CVE-2020-11023, CVE-2020-11022, and CVE-2019-11358.Pursuant to Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are recommended to remediate the identified flaw by February 13, 2025, to secure their networks against active threats.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

At Cranky Concierge, we strive to be the most useful and worry-free travel service available for all travelers. We use our superior industry knowledge to book travel, monitor for issues, and intervene when things go wrong.We specialize in providing air travel assistance to people at various points in their travels. The Concierge's primary responsibility is to help people if something goes wrong during the hours that the flight planning office is closed, but will also overlap with office hours at the beginning or end of the day. Shift TimingsWere looking for someone to cover the following shifts on a regular basis:Sundays 7 or 8pm to 3am Eastern TimeMondays 7 or 8pm to 3am Eastern TimeIt would be a bonus if you could also cover:Thursdays 7 or 8pm to 3am Eastern TimeWhile the shifts listed above would be your regular shifts, there would be opportunities to pick up additional shifts in line with operational needs and to provide cover for other team members.For this role, we want someone passionate about helping stranded travelers get where they need to go. You have to like dealing with people and understanding what they need, even if they aren't entirely sure. You should be good at being available at night (or perhaps living in Europe, Asia, or Africa). If you don't love all of this, it's not the right fit.Salary range: $14-$16/hourJob ResponsibilitiesConcierges are on duty to answer any urgent questions and help travelers who are stuck overnight. Email and phone systems are programmed to alert if there's a problem, but other notifications may come in.Some urgent questions may require a simple response or update (such as a slight delay with no impact on plans). Others may involve finding new flight options for cancellations and missed connections. This will often be done in the Sabre GDS.Available to answer urgent phone calls and provide help if needed (sometimes, those calls to the urgent line aren't all that urgent!).Prepare and send flight updates.Assist with tasks such as processing refunds, filing for compensation, and other pre- and post-travel tasks as needed. When needed and workload permits, the concierge will assist with travel planning, including but not limited to searching for and booking air travel, hotels, car rentals, and transfers. This will mainly be done by email but may also entail phone calls.If this sounds like the kind of thing you like to do, then keep reading!Skills You Should Possess (and Other Stuff)Reliability is critical. Must be available and able to assist within 10 minutes of any alert notification.Must have good knowledge of airline networks and options to be able to find alternates quickly for stranded clients.Knowledge of Sabre or other GDS/ARS is preferred but not required.Accuracy and speed are essential. Timing is everything when it comes to this role.Common sense ability to help clients better understand what they need or should want is required.Able to work with little supervision. There are times youll be the only person on. You wont ever be completely on an island, as there will always be someone you can reach out to, which leads us toNever be too proud. If you don't know the answer, then be willing to ask others for help.Must be able to roll with the punches and maintain a calm demeanor. The client may be stressed and angry; you can't be.Background checks will be required - the job involves handling sensitive client data.Location doesn't matter to do the job, but you must be eligible to work in the United States. Preference will be given to those in California, Colorado, Georgia, Idaho, Nevada, New York, North Carolina, South Carolina, Tennessee, Texas, and Florida.All work is done remotely so make sure that you have a comfortable place to work. Work will be done on your computer (Windows or IOS), and you must have reliable internet and a smartphone (Android or iPhone). Communication with clients and airlines is a mix of email and phone, so you must have a quiet work environment.We can't stress enough how important attention to detail is, so please be sure to include your favorite airline in your application.

Springfield's has limited internet plans but it has service from AT&T Fiber -- arguably the best in the country. CNET helps you pick the best internet service provider for your needs.

Looking forthe most recentMini Crossword answer?Click here for today's Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.The NYT Mini Crosswordhas a real dad joke answer today. 2-Down wants you to identify a pop-up button, but if you're thinking of a button on a gadget or an appliance, think again. It's kind of a groaner. Need some more help with today's Mini Crossword? Read on. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.The Mini Crossword is just one of many games in the Times' games collection. If you're looking for today's Wordle, Connections, Connections: Sports Edition and Strands answers, you can visitCNET's NYT puzzle hints page.Read more: Tips and Tricks for Solving The New York Times Mini CrosswordLet's get at those Mini Crossword clues and answers. The completed NYT Mini Crossword puzzle for Jan. 24, 2025. NYT/Screenshot by CNETMini across clues and answers1A clue: Bowser in the Mario games, e.g.Answer: BOSS5A clue: It's made to measureAnswer: RULER7A clue: Video game company named after a term in the board game GoAnswer: ATARI8A clue: Exercise similar to a crunchAnswer: SITUP9A clue: Unwelcome message on a graded paperAnswer: SEEMEMini down clues and answers1D clue: Word before knuckles or tacksAnswer: BRASS2D clue: Pop-up button?Answer: OUTIE3D clue: Classic blackboard materialAnswer: SLATE4D clue: Concentrated form of many cosmeticsAnswer: SERUM6D clue: Ready to eat, as fruitAnswer: RIPEHow to play more Mini CrosswordsThe New York Times Games section offers a large number of online games, but only some of them are free for all to play. You can play the current day's Mini Crossword for free, but you'll need a subscription to the Times Games section to play older puzzles from the archives.

Kumail Nanjiani has reportedly joined the cast for the second season of Amazon's Fallout series. Read more

submitted by /u/silence7 [link] [comments]

"National embarrassment" All federal agencies ordered to terminate remote workideally within 30 days US agencies wasting billions on empty offices an embarrassment, RTO memo says. Ashley Belanger Jan 23, 2025 4:28 pm | 226 US President Donald Trump holds a signed executive order on remote work for government employees during the 60th presidential inauguration parade at Capital One Arena in Washington, DC, US, on Monday, Jan. 20, 2025. Credit: Bloomberg / Contributor | Bloomberg US President Donald Trump holds a signed executive order on remote work for government employees during the 60th presidential inauguration parade at Capital One Arena in Washington, DC, US, on Monday, Jan. 20, 2025. Credit: Bloomberg / Contributor | Bloomberg Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreAll federal agencies received a memo Wednesday requiring the termination of remote work options, with return-to-office plans due by end of day Friday.In the memo, the acting director of the Office of Personnel Management, Charles Ezell, told the heads and acting heads of all departments and agencies that the change is due to Donald Trump's Return to In-Person Work presidential memorandum, which carved out space for some exemptions and ordered:Heads of all departments and agencies in the executive branch of Government shall, as soon as practicable, take all necessary steps to terminate remote work arrangements and require employees to return to work in-person at their respective duty stations on a full-time basis, provided that the department and agency heads shall make exemptions they deem necessary.Empty offices a national embarrassmentAccording to the memo, "most federal offices presently are virtually abandoned," with "the vast majority of federal office workers" having "not returned to in-person work" after transitioning to remote work during the height of the COVID-19 pandemic. Not only has this "devastated" the local economy in Washington, D.C., the memo said, but having so many federal offices sitting empty also serves as a "national embarrassment.""Virtually unrestricted telework has led to poorer government services and made it more difficult to supervise and train government workers," Ezell said, citing a report from the House Committee on Oversight and Government Reform.That report was published last week, calling out the lack of data supporting remote work policies. It found that "American taxpayers are wasting billions to pay for owned and leased federal office space that remain largely vacant" and accused the Biden administration of making "no real attempt to determine the effects of widespread telework.""While the Biden-Harris Administration has touted the benefits of telework, it generally has had no means of measuring the effects of telework on agency mission outcomes or on addressing any existing recruitment or retention challenges," the report noted among key findings.Exceptions may be grantedEzell's memo expanded criticism of the Biden administration's approach to remote work, suggesting that it enabled federal unions' alleged attempts "to abuse the collective-bargaining process to guarantee full-time telework into the indefinite future and forestall any requirement to return to the office."Suspecting that the "rampant use of telework is likely underreported," the committee's report concluded that "even the reported levels are excessive, there is little evidence that it is enhancing productivity or addressing recruitment and retention gaps, and there is evidence it is harming agency missions and citizen-facing services."To overcome these supposed deficiencies, the committee recommended that remote work policies be linked to performance metrics, rather than "employee preferences or union demands." Any remote work that is granted should be tracked through automated systems, the report further prescribed, and any attempts for federal agencies to compete for talent using remote work perks should not be tolerated.This will allow the government to alleviate the "national embarrassment" of empty offices and "dispose of unneeded property and terminate unnecessary leases," the report said.While some employees may be eligible for RTO exemptionseither to accommodate a disability or qualifying medical condition, or for some "other compelling reason certified by the agency head and the employees supervisor"Ezell's memo insisted that a general return-to-office push was necessary. He said that Trump's presidential memo reflected "a simple reality" that "the only way to get employees back to the office is to adopt a centralized policy requiring return-to-work for all agencies across the federal government.""Seeking to cajole individual agencies to try to get employees to return to the worksite has not succeeded," Ezell said.Although Trump's memo set no deadline for RTO efforts to begin, Ezell gave federal agency heads rather short notice to fall in line. All agencies must submit their RTO plans by 5 pm ET on Friday, January 24, Ezell's memo said.Those plans should specify "the date that the agency will be in full compliance with the new telework policy," with a recommended deadline of 30 days to comply, Ezell said.Ashley BelangerSenior Policy ReporterAshley BelangerSenior Policy Reporter Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience. 226 Comments

Image: ValveThe Steam Deck is very much focused on the PC market, but even it's seemingly been unable to avoid the excitement of the Nintendo Switch 2 announcement last week with a reported slump in sales revenue.As highlighted by Twisted Voxel (via Steam Deck HQ), the Steam Deck is regularly trending at the top of the "top sellers" chart on Steam, but between 14th January - 21st January, Valve's portable PC hardware dropped from the top three to the 47th spot. This is supposedly its "lowest global ranking since its launch in 2022". At the time of writing, it's now back up in second place on the charts - so it's business as usual.This is just an observation (and we sincerely doubt the Steam Deck's future is under threat), but it goes to show how Nintendo had everyone's attention last week with its surprise (and highly-anticipated) reveal. Realistically, it seems Nintendo should be in quite a strong position with the Switch 2, considering the Switch has now shifted more than 146 million units worldwide.The Steam Deck remains a great device if you're a user of Valve's Steam service and is arguably the standout of portable gaming PCs currently on the market - allowing you to immediately download and play your existing library of digital games on the go.Interestingly, Nintendo might be drawing some inspiration from PC hardware, following what appears to be the discovery of an optical sensor on the side of the Switch 2's left Joy-Con. The official Switch 2 trailer also seemed to showcase mouse-style Joy-Con controllers.The Switch 2 announcement looks to have impacted Nintendo's share prices as well, which reached an all-time high. 1-UpFlexing that backward compatibilityBehold the Nintendo Steam OLED... no, that's not rightWhat are your thoughts about this? Would you still consider a Steam Deck now that the Switch 2 has been revealed? Do you already own these devices? Let us know in the comments.[source bsky.app, via twistedvoxel.com, steamdeckhq.com]See AlsoShare:00 Liam is a news writer and reviewer for Nintendo Life and Pure Xbox. He's been writing about games for more than 15 years and is a lifelong fan of Mario and Master Chief. Hold on there, you need to login to post a comment...Related ArticlesRandom: Donkey Kong Country's Artist Reacts To Nintendo's Redesign"Everything changes!"Poll: What Do You Think Of Donkey Kong's Redesign In Mario Kart 9?Got whiplash?Round Up: Video Game Industry Reacts To Nintendo's Switch 2 AnnouncementHere's what everyone thoughtVideo: We've Spotted Some Secrets In The Nintendo Switch 2 Reveal TrailerSwitch sleuthingNintendo: Switch 2's Backwards Compatibility Feature Is The "Best Direction" For ConsumersSwitch is already "played by many consumers"

Seattle-based Madrona Capital is celebrating its 30 years in business by raising $770 million in fresh capital. This is the firms largest fundraise to date, exceeding $690 million across two funds Madrona closed in 2022.While an 11% capital pool upsize may not seem significant, any increase at a time when many venture outfits are forced to reduce their fund hauls is a sign that limited partners are excited about the firms prospects and recent track record.Madronas managing director, Matt McIlwain, told TechCrunch that it helped that last year in a market where exits were few and far between the firm sold a few portfolio companies and distributed capital to its investors. The firms recent exits include Lexion, which sold to Docusign for $165 million, and Octo AI, which Nvidia acquired for a reported $250 million.The LP community is generally concerned about distributions, McIlwain said. I think we stood out as a firm that had done really well on that front, not just this past year, but over many years.Madrona started as a group of super angels who wrote a check to an online bookseller, Amazon, in 1995. The firm has since evolved into a multi-stage investor that has backed companies like Redfin, Smartsheet, Snowflake and, more recently, AI startups Typeface and Runway.Although Madrona undoubtedly benefited from being the largest VC firm in the same geographic location as Amazon and Microsoft, it decided to venture beyond Seattle by opening an office in Silicon Valley in 2022.McIlwain said that the fresh capital will be used to invest in AI applications in domains ranging from travel to life sciences, as well as in infrastructure companies that can remove friction between foundational models and users. The firm will back about 30 pre-seed, seed and Series A startups from its approximately $490 million early-stage fund, and the remaining capital will go towards 12 companies raising their Series B or Series C.As Madrona enters its fourth decade, it is extremely optimistic about whats ahead in 2025. McIlwain described the current conditions as a risk-on mindset that will help foster entrepreneurship and create value.