py-matrix-synapse -- malicious push rules may be used for a denial of service attack.

Matrix developers report: "Push rules" can specify conditions under which they will match, including eventmatch, which matches event content against a pattern including wildcards. Certain patterns can cause very poor performance in the matching engine, leading to a denial-of-service when processi...

Buer Malware Tool Rewritten in E-Z Rust Language

A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks. Join Threatpost for “Fortifying Your...

[SECURITY] Fedora 33 Update: python3.8-3.8.9-1.fc33

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

[SECURITY] Fedora 32 Update: python39-3.9.4-1.fc32

Python 3.9 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, update your Fedora to a newer version once Python 3.9 is stable...

Fake Trezor app steals more than $1 million worth of crypto coins

Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have been duped by a fake app with the same name. The app was available on Google Play and Apple’s App Store and also claimed to be from SatoshiLabs, the creators of Trezor. According to the Washington Post, th...

[SECURITY] Fedora 32 Update: tor-0.4.5.7-1.fc32

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

[SECURITY] Fedora 33 Update: tor-0.4.5.7-1.fc33

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

Fedora: Security Advisory for python3.10 (FEDORA-2021-5a09621ebb)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for gnome-devel-docs (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: python3.10-3.10.0~a6-1.fc34

Python 3.10 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.10, update your Fedora to a newer version once Python 3.10 is stable...

Hackers Infecting Apple App Developers With Trojanized Xcode Projects

Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed...

New macOS malware XcodeSpy found sneaking into spy on victims

By Habiba Rashid According to researchers, XcodeSpy malware is targeting Xcode Developers in a supply-check attack. This is a post from HackRead.com Read the original post: New macOS malware XcodeSpy found sneaking into spy on victims...

Trojanized Xcode Project Slips MacOS Malware to Apple Developers

Cybercriminals are targeting Apple developers with a trojanized Xcode project, which once launched installs a backdoor that has spying and data exfiltration capabilities. Xcode is comprised of a suite of free, open software development tools developed by Apple for creating software for macOS, iOS...

[SECURITY] Fedora 32 Update: python3.10-3.10.0~a6-1.fc32

Python 3.10 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.10, update your Fedora to a newer version once Python 3.10 is stable...

[SECURITY] Fedora 33 Update: python3.10-3.10.0~a6-1.fc33

Python 3.10 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.10, update your Fedora to a newer version once Python 3.10 is stable...

Fedora: Security Advisory for python39 (FEDORA-2021-7c1bb32d13)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

FreeBSD : vault -- unauthenticated license read (52bd2d59-4ab5-4bef-a599-7aac4e92238b)

vault developers report : Limited Unauthenticated License Read: We addressed a security vulnerability that allowed for the unauthenticated reading of Vault licenses from DR Secondaries. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

[SECURITY] Fedora 32 Update: python39-3.9.2-1.fc32

Python 3.9 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, update your Fedora to a newer version once Python 3.9 is stable...

Amazon Dismisses Claims Alexa 'Skills' Can Bypass Security Vetting Process

Researchers warn Amazon’s voice assistant Alexa is vulnerable to malicious third-party “skills” – voice assistant capabilities developed by third parties – that could leave smart-speaker owners vulnerable to a wide range of cyberattacks. The security-threat claim is roundly dismissed by Amazon...

CVE-2021-23965

Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 85...