Blog Series
Linux & Open Source News
- No categories
New SSH-Snake Worm-Like Tool Threatens...
The Sysdig Threat Research Team (TRT) discovered that a threat actor is leveraging an open-source network mapping tool called SSH-Snake for malicious activities. This tool utilizes SSH credentials found on...
VMWare Urges Users to Uninstall...
VMware has issued a no-patch advisory urging users to take swift action by removing the deprecated Enhanced Authentication Plug-in (EAP). EAP was deprecated nearly three years ago, in March 2021,...
SNS Sender Script Used for...
A new threat has emerged in the form of a Python script called SNS Sender, which malicious actors are utilizing to send bulk smishing messages through Amazon Web Services (AWS)...
Ubuntu 18.04 Security Updates for...
Recently, Ubuntu has rolled out security updates addressing several Linux kernel vulnerabilities in Ubuntu 18.04. In this article, we will delve into the specifics of these vulnerabilities, along with their...
Ivanti Pulse Secure Found Using...
Ivanti Pulse Secure VPN appliances have recently been a target of several sophisticated attacks, highlighting the ongoing challenges in safeguarding critical IT infrastructure like network devices. UNC5221, a nation-state group,...
Debian 12.5 Arrived with 42...
On February 10th, 2024, the Debian Project unveiled Debian 12.5, the fourth ISO update to the ongoing Debian GNU/Linux 12 “Bookworm” series. This release, which came 2 months after Debian...
Several OpenJDK Vulnerabilities...
Recently, several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking of sensitive data to log files, denial of service, or bypass...
Roundcube Webmail Vulnerability Under Exploitation,...
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this issue is a persistent cross-site...
Multiple Race Condition Vulnerabilities Fixed...
A race condition vulnerability usually occurs in concurrent or multi-threaded programs where multiple processes or threads access shared resources without proper synchronization. Unpredictable outcomes like data corruption, system crashes, or...
Multiple FreeImage Vulnerabilities Fixed in...
Multiple vulnerabilities were discovered in FreeImage, an open-source support library for graphic image formats. These vulnerabilities, when left unaddressed, could potentially lead to denial of service attacks. On 16th January...
High-Severity Squid Vulnerabilities Fixed in...
Squid is a powerful tool for caching proxy for the web, but like any software, it is not immune to vulnerabilities. Several security vulnerabilities have been discovered that could potentially...
Several libde265 Vulnerabilities Patched: What...
Several vulnerabilities were discovered in libde265, an Open H.265 video codec implementation. These vulnerabilities could result in denial of service and potentially the execution of arbitrary code if a specially...