Blog
Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions
A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges. Tracked...
ShellTorch Vulnerabilities Put Organizations at Risk of Server Takeover
The vulnerabilities, collectively known as "ShellTorch," have been patched in the latest version of TorchServe (0.8.2), hence, developers are encouraged to update to ensure their systems are secure.
Experts Discover Multiple Malicious npm Packages
Researchers at FortiGuard Labs uncovered nine sets of malicious NPM packages designed to steal sensitive data, including system information, user credentials, and source code. These malicious packages use install scripts to exfiltrate data to webhooks or file-sharing...
Experts Discover Multiple Malicious npm Packages
Researchers at FortiGuard Labs uncovered nine sets of malicious NPM packages designed to steal sensitive data, including system information, user credentials, and source code. These malicious packages use install scripts to exfiltrate data to webhooks or file-sharing...
Experts Discover Multiple Malicious npm Packages
Researchers at FortiGuard Labs uncovered nine sets of malicious NPM packages designed to steal sensitive data, including system information, user credentials, and source code. These malicious packages use install scripts to exfiltrate data to webhooks or file-sharing...
Experts Discover Multiple Malicious npm Packages
Researchers at FortiGuard Labs uncovered nine sets of malicious NPM packages designed to steal sensitive data, including system information, user credentials, and source code. These malicious packages use install scripts to exfiltrate data to webhooks or file-sharing...
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in...
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo,...
Microsoft Edge, Teams Get Fixes for Zero-Days in Open-Source Libraries
The vulnerabilities are caused by heap buffer overflow weaknesses in open-source libraries used by the products, and they can lead to crashes or arbitrary code execution.
Microsoft Edge, Teams Get Fixes for Zero-Days in Open-Source Libraries
The vulnerabilities are caused by heap buffer overflow weaknesses in open-source libraries used by the products, and they can lead to crashes or arbitrary code execution.
FREE GUIDE