Thousands of Publicly Exposed API Tokens Could Threaten Software Integrity
JFrog scanned over eight million artifacts in the most common open-source software registries
USN-5695-1: Linux kernel (GCP) vulnerabilities
It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of an RPC message payload....
NCSC CEO Calls for International Standards on IoT Security
Lindy Cameron argues that smart cities are becoming an attractive target for threat actors, including nation states
libxml2-2.10.3-1.fc35
FEDORA-2022-fcf5dbb447 Packages in this update: libxml2-2.10.3-1.fc35 Update description: Update to 2.10.3 Fix CVE-2022-40303 Fix CVE-2022-40304
Adversarial ML Attack that Secretly Gives a Language Model a Point of View
Machine learning security is extraordinarily difficult because the attacks are so varied—and it seems that each new one is weirder than the next. Here’s the...
mingw-expat-2.4.9-1.fc37
FEDORA-2022-dcb1d7bcb1 Packages in this update: mingw-expat-2.4.9-1.fc37 Update description: Update to 2.4.9, fixes CVE-2022-30674.
mingw-expat-2.4.9-1.fc35
FEDORA-2022-c22feb71ba Packages in this update: mingw-expat-2.4.9-1.fc35 Update description: Update to 2.4.9, fixes CVE-2022-30674.
mingw-expat-2.4.9-1.fc36
FEDORA-2022-d93b3bd8b9 Packages in this update: mingw-expat-2.4.9-1.fc36 Update description: Update to 2.4.9, fixes CVE-2022-30674.
Lesson Learned: How SolarWinds Strengthened its Security Post-Incident
Tim Brown, CISO and VP of security at SolarWinds, shared his experiences remediating a major cyber-attack during Mandiant’s mWISE event on October 18, 2022
CVE-2021-42553
A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library...