You might be interested in …

[HackerNews] New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks

All posts, HackerNews

The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an “incomplete fix” for an actively exploited path traversal and remote code execution flaw that it patched earlier this week. CVE-2021-42013, as the new vulnerability is identified as, builds upon CVE-2021-41773, a flaw that impacted Apache web […]

Read More

[SecurityWeek] Industry Reactions to New ‘Trojan Source’ Attack: Feedback Friday

All posts, Security Week

Researchers from the University of Cambridge have identified a new attack method that abuses Unicode to stealthily inject vulnerabilities into code. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ThreatPost] ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

All posts, ThreatPost

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. Source: Read More (Threatpost)

Read More