yt-dlp-2024.07.07-1.fc39
FEDORA-2024-c07c365ba7 Packages in this update: yt-dlp-2024.07.07-1.fc39 Update description: Update to 2024.07.07 Update to 2024.07.02 Read More
On the CSRB’s Non-Investigation of the SolarWinds Attack
ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though...
USN-6885-1: Apache HTTP Server vulnerabilities
Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue...
krb5-1.21.2-6.fc41
FEDORA-2024-36514cd080 Packages in this update: krb5-1.21.2-6.fc41 Update description: Automatic update for krb5-1.21.2-6.fc41. Changelog * Mon Jul 8 2024 Julien Rische <jrische@redhat.com> - 1.21.2-6 - CVE-2024-37370...
New APT CloudSorcerer Malware Hits Russian Targets
The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces Read More
Mekotio Trojan Targets Latin American Banking Credentials
Trend Micro said the trojan has been observed masquerading as communications from tax agencies Read More
ChatGPT for Mac app flaw left users’ chat history exposed
OpenAI's ever-so-clever ChatGPT's software was doing something really-rather-stupid: storing users' chats on their Mac computers in plaintext. Read more in my article on the Hot...
Cisco Warns regreSSHion Vulnerability Impacts Multiple Products
Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated Read More
Russia Blocks VPN Services in Information Crackdown
The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens Read More
USN-6884-1: Nova vulnerability
Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly...