Friday Squid Blogging: Squid Catch Quotas in Peru
Peru has set a lower squid quota for 2024. The article says “giant squid,” but that seems wrong. We don’t eat those. As usual, you...
Security and Human Behavior (SHB) 2024
This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder,...
USN-6816-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A...
A Vulnerability in SolarWinds Serv-U Could Allow for Path Transversal
A vulnerability has been discovered in SolarWinds Serv-U that could allow for path transversal that could lead to disclosure of sensitive information. SolarWinds Serv-U is...
tomcat-9.0.89-1.fc40
FEDORA-2024-c404b99f19 Packages in this update: tomcat-9.0.89-1.fc40 Update description: This update includes a rebase from 9.0.83 to 9.0.89. #2269611 CVE-2024-24549 tomcat: CVE-2024-24549: Apache Tomcat: HTTP/2 header...
Multiple Vulnerabilities in PHP Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in PHP which could allow for remote code execution. PHP is a programming language originally designed for use in web-based...
16-year-old arrested in France in connection with high-profile Epsilon hacking group attacks
A 16-year-old youth has been arrested in France on suspicion of having run a malware-for-rent business. The unnamed Frenchman, who goes by online handles including...
galera-26.4.18-1.fc40 mariadb10.11-10.11.8-1.fc40
FEDORA-2024-6ea93e629b Packages in this update: galera-26.4.18-1.fc40 mariadb10.11-10.11.8-1.fc40 Update description: MariaDB 10.11.8 & Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-11-7-release-notes/ https://mariadb.com/kb/en/mariadb-10-11-8-release-notes/ Read More
EmailGPT Exposed to Prompt Injection Attacks
The flaw enables attackers to gain control over the AI service by submitting harmful prompts Read More
The Justice Department Took Down the 911 S5 Botnet
The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others...