Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution. Particularly, the

Headline

Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects

The Hacker News: Latest News