Researchers Scan for Supply-Side Threats in Open Source
A recent project to scan the main Python repository's 268,000 packages found only a few potentially malicious programs, but work earlier this year uncovered hundreds of instances of malware.Open...
EFF, Security Experts Condemn Politicization of Election Security
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-28092PUBLISHED: 2020-11-17PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=
CVE-2020-28914PUBLISHED: 2020-11-17
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When...
Twitter names famed hacker ‘Mudge’ as head of security
Social media giant Twitter, under increased threat of regulation and plagued by serious security breaches, is appointing one of the world’s best-regarded hackers to tackle everything from engineering missteps...
Robot enforces mask-wearing, distancing at store in Japan
A robot has signed on as the newest staff member at a store in Japan, taking on the job of ensuring customers wear masks and practice social distancing to...
Malsmoke operators abandon exploit kits in favor of social engineering scheme
Threat actors behind malsmoke, one of the largest malvertising campaigns we've seen in recent months, have switched malware delivery tactics.
Exploit kits continue to be used as a malware...
