freetype-2.11.0-6.fc35
FEDORA-2022-80e1724780 Packages in this update: freetype-2.11.0-6.fc35 Update description: Security fix for CVE-2022-27404, CVE-2022-27405 and CVE-2022-27406. Read More
Instagram Hack Results in $1 Million Loss in NFTs
Imagine – your favorite brand on Instagram just announced a giveaway. You’ll receive a free gift! All you have to do is provide your credit...
UK to Place Security Requirements on App Developers and Store Operators
Under the proposals, all app stores would be required to commit to a new code of practice Read More
USN-5402-1: OpenSSL vulnerabilities
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is...
USN-5400-2: MySQL vulnerabilities
USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in...
USN-5401-1: DPDK vulnerabilities
Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of...
java-latest-openjdk-18.0.1.0.10-1.rolling.el7
FEDORA-EPEL-2022-ec554055b2 Packages in this update: java-latest-openjdk-18.0.1.0.10-1.rolling.el7 Update description: Oracle 04/2022 critical path update https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA Read More
Chinese APT group Winnti stole trade secrets in years-long undetected campaign
Security researchers have uncovered a cyberespionage campaign that has remained largely undetected since 2019 and focused on stealing trade secrets and other intellectual property from...
New Sophisticated Malware
Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’...
Pro-Ukrainian DoS attack compromises Docker Engine honeypots to target Russian, Belarusian websites
Researchers from cybersecurity vendor CrowdStrike have detected a denial-of-service (DoS) attack compromising Docker Engine honeypots to target Russian and Belarusian websites amid the ongoing Russia-Ukraine...