![]() |
Linux kernel impacted by new SLUBStick cross-cache attack |
A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary memory read-and-write capability, letting the researchers elevate privileges or escape containers. |
Sep 15, 2024
by
Bill Toulas - Bleeping Computer
Tech News |
![]() |
Stolen Microsoft key offered widespread access to Microsoft cloud services |
The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. |
Sep 24, 2023
by
Sergiu Gatlan - Bleeping Computer
Tech News |
![]() |
Unpatched 15-year old Python bug allows code execution in 350k projects |
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead to code execution. Disclosed in 2007 and tagged as CVE-2007-4559, the security issue never received a patch, the only mitigation provided being a documentation update warning developers about the risk. |
Oct 15, 2022
by
Ionut Ilascu - Bleeping Computer
Tech News |
![]() |
The anatomy of suspected top-tier hidden NSA backdoor |
Pangu Lab has identified what it claims is a sophisticated backdoor that was used by the NSA to subvert highly targeted Linux systems around the world for more than a decade. |
Aug 11, 2022
by
The Register
Tech Blogs |
![]() |
NPM supply-chain attack impacts hundreds of websites and apps |
An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. As researchers at supply chain security firm ReversingLabs discovered, the threat actors behind this campaign (known as IconBurst) used typosquatting to infect developers looking for very popular packages, such as umbrellajs and ionic.io NPM modules. |
Aug 11, 2022
by
Sergiu Gatlan
Tech News |
![]() |
$620 million in crypto stolen from Axie Infinity's Ronin bridge |
A hacker has stolen almost $620 million in Ethereum and USDC tokens from Axie Infinity's Ronin network bridge, making it possibly the largest crypto hack in history. |
Mar 29, 2022
by
Lawrence Abrams - BleepingComputer
Crypto News |
![]() |
Ukrainian police arrest DDoS operator controlling 100,000 bots |
Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients. |
Oct 11, 2021
by
Bill Toulas
Tech News |
![]() |
The importance of Devuan |
With systemd the main advantage to use Linux is obsolete. |
Nov 16, 2019
by ungleich glarus ag
Tech Blogs |
Load More by Tag |