Latest News
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.
A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.
At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn.
AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.
In PyO3 0.23.0 the `PYO3_CONFIG_FILE` environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as `maturin` to build for multiple versions in a single build, this leads to Python wheels being compiled against the wrong Python API version. All users who distribute artefacts for multiple Python versions are encouraged to update and rebuild with PyO3 0.23.3. Affected wheels produced from PyO3 0.23.0 through 0.23.2 are highly unstable and will crash the Python interpreter in unpredictable ways.
The library breaks the safety assumptions when using unsafe API `std::slice::from_raw_parts`. First, when using the API in iterator implementation (`TempFdArrayIterator.next`), generic type could be any type, which would create and pass a misaligned pointer to the unsafe API. Second, when validating the address, the code passed the type `c_void`, which could also be any type, leading to potential uninitialized memory exposure. Two unsound usages here highlight the necessity for developers to perform type checks before doing type conversion with unsafe API. The panic caused by the misalignment causes several downstream applications (e.g., `greptimedb`) to crash when using `pprof::report::ReportBuilder::build`. This was patched in 0.14.0. The developer also suggested moving to [pprof2](https://crates.io/crates/pprof2).
Ever wonder what an extroverted strategy security nerd does? Wonder no longer! This week, Joe pontificates on his journey at Talos, and then is inspired by the people he gets to meet and help.
One Identity wins "Hot Company: Privileged Access Management" at the 12th Cyber Defense Magazine InfoSec Innovator Awards, showcasing PAM excellence in cybersecurity.
SUMMARY A day after taking down the cybercrime platform MATRIX, Europol and international law enforcement agencies have successfully…
Discover the future of eCommerce with bespoke app development. Learn how tailored solutions enhance user experience, security, and performance while empowering businesses to meet unique needs and gain a competitive edge.