Monthly Archives: July 2022
ZDI-22-1020: (Pwn2Own) Inductive Automation Ignition ZIP File Insufficient UI Warning Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
DSA-5184 xen – security update
Multiple vulnerabilities have been discovered in the Xen hypervisor, which
could result in privilege escalation. In addition, this update provides
mitigations for the Retbleed speculative execution attack and the
MMIO stale data vulnerabilities.
DSA-5185 mat2 – security update
A directory traversal vulnerability was discovered in the Metadata
anonymisation toolkit, which could result in information disclosure via
a malformed ZIP archive.
DSA-5182 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5183 wpewebkit – security update
The following vulnerabilities have been discovered in the WPE WebKit
web engine:
Data breaches explained: Types, examples, and impact
What is a data breach?
A data breach is a security incident in which a malicious actor breaks through security measures to illicitly access data.
Data about individuals—names, birthdates, financial information, social security numbers and driver’s license numbers, and more—lives in innumerable copies across untold numbers of servers at private companies, public agencies, and in the cloud. If someone who isn’t authorized to access personally identifiable information (PII) manages to get a look at it, that can have dire consequences both for the individual and for the organization that stored the data and was supposed to keep it safe.
python-notebook-6.4.11-3.fc36
FEDORA-2022-35b698150c
Packages in this update:
python-notebook-6.4.11-3.fc36
Update description:
Security fix for CVE-2022-24785 and CVE-2022-31129.
python-notebook-6.4.0-4.fc35
FEDORA-2022-85aa8e5706
Packages in this update:
python-notebook-6.4.0-4.fc35
Update description:
Security fix for CVE-2022-24785 and CVE-2022-31129.
Cyberespionage groups increasingly target journalists and media organizations
Since early 2021, researchers have observed multiple attack campaigns by state-sponsored advanced persistent threat (APT) groups aimed at journalists and the media organizations they work for. The attacks targeted their work emails and social media accounts and often followed journalists’ coverage of stories that painted certain regimes in a bad light or were timed to sensitive political events in the U.S.
Journalists have always been an appealing target for spies due to the access they have to sensitive information and the trust that organizations and individuals generally place in them, which is why it’s imperative for members of the media to undergo online security training and be aware of the techniques used by state-linked hackers.