Police arrest scammer on FBI’s “Most Wanted” list in relation to $100 million fraud
The alleged ringleader of an international scam operation has been arrested by Nigerian authorities in Lagos, after being wanted by the FBI since 2016. Read...
Sioux Falls Funds DSU Cybersecurity Lab
City council approves $10m appropriation toward Dakota State University cybersecurity lab Read More
Irish Watchdog Fines Meta $19m Over Data Breach
Ireland’s data regulator imposes penalty after inquiry into 2018 data breach notifications Read More
Avast Merger Raises Competition Concerns
UK government finds NortonLifeLock purchase of Avast could reduce competition Read More
Breaking RSA through Insufficiently Random Primes
Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes...
CVE-2021-23648
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. Read More
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-005
Project: Drupal core Date: 2022-March-16 Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Third-party libraries CVE IDs: CVE-2022-24728 CVE-2022-24729 Description: The Drupal project uses the CKEditor...
CVE-2021-23165
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service....
CVE-2021-23158
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary...
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference....