USN-6938-1: Linux kernel vulnerabilities
It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of...
Nearly 7% of Internet Traffic Is Malicious
Cloudflare reports on the state of applications security. It claims that 6.8% of Internet traffic is malicious. And that CVEs are exploited as quickly as...
Urgent Blood Appeal Issued in US After Ransomware Attack
US non-profit OneBlood has issued an urgent appeal for donations after a ransomware attack has significantly reduced its capacity to distribute blood to hospitals Read...
USN-6937-1: OpenSSL vulnerabilities
It was discovered that OpenSSL incorrectly handled TLSv1.3 sessions when certain non-default TLS server configurations were in use. A remote attacker could possibly use this...
New SMS Stealer Malware Targets Over 600 Global Brands
Discovered by Zimperium’s zLabs team, the SMS Stealer malware was found in over 105,000 samples Read More
USN-6935-1: Prometheus Alertmanager vulnerability
It was discovered that prometheus-alertmanager didn't properly sanitize input it received through an API endpoint. An attacker with permission to send requests to this endpoint...
frr-9.1.1-1.fc40
FEDORA-2024-e60ca8feb0 Packages in this update: frr-9.1.1-1.fc40 Update description: New version 9.1.1. Includes fixes for CVE-2024-31950, CVE-2024-31951 and CVE-2024-31949. Read More
Meta to Pay Texas $1.4bn for Unlawful Biometric Data Capture
Meta has agreed a $1.4bn settlement with the State of Texas for failing to inform Facebook users about its biometric data capturing practices Read More
New PyPI Package Zlibxjson Steals Discord, Browser Data
According to Fortinet, PyPI package Zlibxjson steals Discord tokens and browser data, including passwords and extensive user information Read More
Don’t Let Your Domain Name Become a “Sitting Duck”
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals...