#CYBERUK23: Threat Posed by ‘Irresponsible’ Use of Commercial Hacking Tools Increasing, NCSC Warns
Spyware and hackers-for-hire will almost certainly expand in the next five years, warned the British cybersecurity agency Read More
Raspberry Robin Adopts Unique Evasion Techniques
Security researchers at Check Point published a new advisory on Tuesday describing the new malware Read More
Nurse Call Systems, Infusion Pumps Riskiest Connected Medical Devices
The findings come from a new report by asset visibility and security company Armis Read More
python-django-4.0.10-1.fc37
FEDORA-2023-8fed428c5e Packages in this update: python-django-4.0.10-1.fc37 Update description: Security fix for: CVE-2023-24580 CVE-2023-23969 CVE-2022-41323 CVE-2022-36359 CVE-2022-34265 CVE-2022-28346 CVE-2022-28347 https://docs.djangoproject.com/en/4.2/releases/4.0.3/ https://docs.djangoproject.com/en/4.2/releases/4.0.4/ https://docs.djangoproject.com/en/4.2/releases/4.0.5/ https://docs.djangoproject.com/en/4.2/releases/4.0.6/ https://docs.djangoproject.com/en/4.2/releases/4.0.7/ https://docs.djangoproject.com/en/4.2/releases/4.0.8/ https://docs.djangoproject.com/en/4.2/releases/4.0.9/...
USN-6030-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause...
USN-6029-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause...
USN-6028-1: libxml2 vulnerabilities
It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code....
OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks
The Open Source Security Foundation (OpenSSF) has announced the release of Supply-chain Levels for Software Artifacts (SLSA) v.1.0 with structure changes designed to make the...
Darwinium upgrades its payment fraud protection platform
Security and fraud prevention vendor Darwinium has updated its Continuous Customer Protection platform to provide shared intelligence on anonymized data sets. The company claims that...
Lacework adds vulnerability risk management to its flagship offering
Cloud security provider Lacework has added a new vulnerability risk management capability to its cloud-native application protection (CNAPP) offering. The SaaS capability will combine active...