FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

Leveraging Wazuh for Zero Trust security

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution. Particularly, the

Headline

Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects

The Hacker News: Latest News