Truth Social, launched by the Trump Media & Technology Group in 2022, has become a hotspot for scams like phishing and investment fraud
Yearly Archives: 2025
Biden Tightens Software Supply Chain Security Requirements Ahead of Trump Takeover
The US President’s second cybersecurity Executive Order will impose stricter security standards on software providers
UK government proposes ransomware payment ban for public sector
The UK government has proposed extending its ban on ransomware payments to cover the entire public sector in an attempt to deter cybercriminal attacks and protect taxpayers.
But is a ban a good idea?
Read more in my article on the Exponential-e blog.
USN-7215-1: libxml2 vulnerability
Xisco Fauli discovered that libxml2 incorrectly handled custom SAX
handlers. A remote attacker could possibly use this issue to perform XML
External Entity (XXE) attacks.
USN-7214-1: HarfBuzz vulnerability
It was discovered that HarfBuzz incorrectly handled certain memory
operations. A remote attacker could use this issue to cause HarfBuzz to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
DORA Compliance Costs Soar Past €1m for Many UK and EU Businesses
Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over €1 million, according to research from Rubrik
rsync-3.4.1-1.fc41
FEDORA-2025-3ec637e6e9
Packages in this update:
rsync-3.4.1-1.fc41
Update description:
New version 3.4.1, a couple of fixes for the 3.4.0 release.
New version 3.4.0. Contains fixes for CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747
rsync-3.4.1-1.fc40
FEDORA-2025-b28759cb95
Packages in this update:
rsync-3.4.1-1.fc40
Update description:
New version 3.4.1, a couple of fixes for the 3.4.0 release.
USN-7213-1: poppler vulnerability
It was discovered that poppler incorrectly handled memory when opening
certain PDF files. An attacker could possibly use this issue to cause
denial of service or obtain sensitive information.
USN-7212-1: Python 2.7 vulnerabilities
It was discovered that Python incorrectly handled certain ZIP files. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 22.04 LTS. (CVE-2019-9674)
It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-45061)
It was discovered that Python incorrectly handled certain crafted ZIP
files. An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2024-0450)