[BleepingComputer] GitHub finds 7 code execution vulnerabilities in ‘tar’ and npm CLI

The GitHub security team has identified several high-severity vulnerabilities in the npm packages “tar” and “@npmcli/arborist,” which are used by the npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. […]

Source: BleepingComputer
