Unpatched 15-year old Python bug allows code execution in 350k projects

A vulnerability in the Python programming language that has been overlooked for 15 years is now…

The Ultimate Security Blind Spot You Don’t Know You Have

Using instructor-led training, e-learning, hands-on labs, and gamification, Cydrill offers a novel and effective way to…

Node.js prototype pollution is bad for app environment

Boffins find common code constructs that may be exploitable to achieve remote code execution

Hackers scan for vulnerabilities within 15 minutes of disclosure

System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a…

Luca Stealer malware spreads after code appears on GitHub

Cool, another Rust project … Oh wait…

Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers

Researchers have discovered a new UEFI firmware rootkit malware, dubbed “CosmicStrand,” that Chinese hackers have been…

Hardcoded password in Confluence app has been leaked on Twitter

Advisory had already warned hardcoded password was “trivial to obtain.”

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems

Researchers uncover “Lightning Framework,” a new Swiss Army Knife-like Linux malware that has modular plugins and…

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild

It takes only a second to crack the handful of weak keys. Are there more out…

Linux has been bitten by its most high-severity vulnerability in years

Dirty Pipe has the potential to smudge people using Linux and Linux derivatives.

New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container

A new vulnerability in the Linux kernel’s control groups feature could let attackers escape a…

Linux developers patch security holes faster than anyone else, says Google Project Zero | ZDNet

Linux programmers do a better job of patching security holes than programmers at Apple, Google, and…