CVE-2020-29260
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
Friday Squid Blogging: Squid Images
iStock has over 13,000 royalty-free images of squid. As usual, you can also use this squid post to talk about the security stories in the...
CVE-2021-27693
Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.
CVE-2020-22669
Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL...
protobuf-c-1.4.1-2.fc36
FEDORA-2022-3be472fe11. Packages in this update: protobuf-c-1.4.1-2.fc36. Update description: Updated to version 1.4.1.
OpenSSF releases npm best practices to help developers tackle open-source dependency risks
The Open Source Security Foundation (OpenSSF) has released the npm Best Practices Guide to help JavaScript and TypeScript developers reduce the security risks associated with...
US Police Deployed Obscure Smartphone Tracking Tool With No Warrants
It would allow police to search billions of mobile device-based records, including GPS data.
Google Chrome Vulnerability Lets Sites Quietly Overwrite Clipboard Contents
The bug was discovered by developer Jeff Johnson, who detailed his findings in a blog post.
JuiceLedger Hacker Linked to First Phishing Campaign Targeting PyPI Users
JuiceLedger started poisoning open-source packages as a way to target a wider audience in August.
Montenegro is the Victim of a Cyberattack
Details are few, but Montenegro has suffered a cyberattack: A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the...