ICO challenges adtech to step up privacy protection

The UK Information Commissioners Office ICO wants the advertising industry to come up with new initiatives that address the risks of adtech, and take account of data protection requirements from the outset. The ICO is an independent body set up to uphold information rights. The technology that is...

Updated rust packages fix security vulnerability

Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing "bidirectional override" Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the...

CVE-2021-43669

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the...

Mozilla Firefox Security Advisory (MFSA2015-10) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

WordPress Download Manager Plugin < 3.2.16 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

MAL-2021-5 Malicious code in portal-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6ffd7e5a9ce9fae497402105a8a055471199ee7ce66a5fce2e1a8655640a81e6 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Millions of Routers, IoT Devices at Risk from BotenaGo Malware

Newly surfaced malware that is difficult to detect and written in Google’s open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different...

Limiting your exposure to location data resellers

Location data is valuable, just ask Huq Industries, who make a living out of selling your location information, then found that the apps they bought it from hadn’t asked the end users permission to have it! Naughty! The organisations they sell it to use it for better marketing, to get a better...

Malicious Firefox Add-ons Block Browser From Downloading Security Updates

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser. The two extensions in question, named Bypass and Bypass XM, "interfered with Firefox in a way that prevented users w...

Shisho - Lightweight Static Analyzer For Several Programming Languages

Shisho is a lightweight static analyzer for developers. Please seethe usage documentation for further information. Try at Playground You can try Shisho at our playground. Try with Docker You can try shisho in your machine as follows: echo "func testv string int return lenv + 1; " | docker run -i...

Credential Disclosure in System.DirectoryServices.Protocols

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Information Disclosure vulnerability exists in .NET where...

GHSA-9CXH-GQPX-QC5M Credential Disclosure in System.DirectoryServices.Protocols

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Information Disclosure vulnerability exists in .NET where...

Mozilla Firefox ESR < 78.15

The version of Firefox ESR installed on the remote Windows host is prior to 78.15. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-44 advisory. - Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present ...

Fedora: Security Advisory for python3.8 (FEDORA-2021-39fec3e928)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: python3.8-3.8.12-1.fc35

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

Reconky - A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It

Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target. Usage ./reconky.sh Main-Features It will Gathers Subdomains wi...

Payment API Bungling Exposes Millions of Users’ Payment Data

App developers have once again been accused of having butterfingers when it comes to API keys, leaving millions of mobile app users at risk of exposing their personal and payment data. CloudSEK, maker of artificial intelligence- AI- enabled digital threat protection, reported last week that the...

Prism 安全漏洞

Prism is an application from the US-based individual developers of Prism. It is a lightweight, extensible syntax highlighting tool. Prism suffers from a security vulnerability that stems from Prism's susceptibility to inefficient regular expression complexity...

What do Developers Look for When Choosing Software

We asked five software developers at Trend Micro how they research the software solutions they use professionally or in their own projects...

Fedora: Security Advisory for python3.8 (FEDORA-2021-a192f83412)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...