[SECURITY] Fedora 40 Update: python3.6-3.6.15-39.fc40

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 41 Update: python3.6-3.6.15-39.fc41

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

FreeBSD : electron31 -- multiple vulnerabilities (773e7eb2-af19-4fc7-be7f-0f6a2523b98b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 773e7eb2-af19-4fc7-be7f-0f6a2523b98b advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

[SECURITY] Fedora 41 Update: python3.6-3.6.15-38.fc41

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 40 Update: python3.6-3.6.15-38.fc40

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

New GitLoker-Linked GoIssue Tool Targets GitHub Users for Phishing

SlashNext researchers have discovered a new, sophisticated phishing tool GoIssue targeting GitHub developers. Learn about its capabilities, the…...

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy aka Cyber D' Luffy on the Runion forum earlier this August, is...

FreeBSD : electron32 -- multiple vulnerabilities (96266fc9-1200-43b5-8393-4c51f54bb7bc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 96266fc9-1200-43b5-8393-4c51f54bb7bc advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

How To Create a Complete GitHub Backup

The issue of GitHub data protection is increasingly discussed among developers on platforms like Reddit, X, and HackerNews.…...

In the Dark about Shadow APIs?

I’m often asked about shadow APIs and shadow API parameters—even by people with a lot of experience in the API development space...

Linux Kernel Project Drops 11 Russian Developers Amid US Sanctions Concerns

Linux Foundation removes 11 Russian developers from the Linux kernel project due to U.S. sanctions. Linus Torvalds confirms…...

[SECURITY] Fedora 40 Update: python-platformio-6.1.14-7.fc40

PlatformIO is a cross-platform, cross-architecture, multiple framework, professional tool for embedded systems engineers and for software developers who write applications for embedded products...

Online Exam System 访问控制错误漏洞

Online Exam System is an online exam system by oretnom23 individual developers. An access control error vulnerability exists in Online Exam System version 1.0, which stems from improper access control...

Leverage the Power of 45k, free, Hugging Face Models with Spring AI and Ollama

This blog post is co-authored by our great contributor Thomas Vitale. Ollama now supports all GGUF models from Hugging Face , allowing access to over 45,000 community-created models through Spring AI's Ollama integration, runnable locally. We'll explore using this new feature with Spring AI. The...

electron{31,32} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-9602. Security: backported fix for CVE-2024-9603...

CVE-2024-47166 One-level read path traversal in `/custom_component` in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

CVE-2024-47166

Gradio CVE-2024-47166 is a one-level read path traversal in the /custom_component endpoint. An attacker can leak source code from custom Gradio components by manipulating the file path, potentially exposing proprietary or private code on publicly accessible servers. Affected: Gradio (Python packa...

CVE-2024-47166 One-level read path traversal in `/custom_component` in Gradio

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a one-level read path traversal in the /customcomponent endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the...

Important: Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release

Red Hat OpenShift Pipelines 1.16.0 has been released. Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery CI/CD solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments...

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview tha...