Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000763)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000763 advisory. The tcpillinoisinfo function in net/ipv4/tcpillinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcpcongestioncontrol illinois setting is enabled, allows...

MiracleLinux 4 : kernel-2.6.32-279.19.1.el6 (AXSA:2013-97:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-97:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001932)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001932 advisory. The tcpillinoisinfo function in net/ipv4/tcpillinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcpcongestioncontrol illinois setting is enabled, allows...

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking on “AI: Trust & Power” at Capricon 45 in Chicago, Illinois, USA, at 11:30 AM on February 7, 2025. I’m also signing books there on Saturday, February 8, starting at 1:45 PM. I’m speaking at Boskone 62 in Boston,...

Millions of US Voter Data Exposed in 13 Misconfigured Databases

Cybersecurity researcher finds 4.6M Illinois voter records exposed in unsecured databases. Sensitive data including names, addresses, and SSNs…...

Sensitive Illinois Voter Data Exposed by Contractor’s Unsecured Databases

Social Security numbers, death certificates, voter applications, and other personal data were accessible on the open internet, highlighting the ongoing challenges in election security...

Last-Level Cache Side-Channel Attacks

AMD ID: AMD-SB-7019 Potential Impact: N/A Severity: N/A Summary Researchers from the University of Illinois Urbana-Champaign and Tel Aviv University have published a paper titled “Last-Level Cache Side-Channel Attacks Are Feasible in the Modern Public Cloud.” The paper does not demonstrate any...

brand.illinois.edu Cross Site Scripting vulnerability OBB-3884719

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

appserv7.admin.uillinois.edu Cross Site Scripting vulnerability OBB-3846034

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

chicago-il.elaws.us Cross Site Scripting vulnerability OBB-3765252

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

co.effingham.il.us Cross Site Scripting vulnerability OBB-3285936

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

spurlock.illinois.edu Cross Site Scripting vulnerability OBB-3267207

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DoppelPaymer ransomware group disrupted

Europol has announced it has arrested two suspected core members of the DoppelPaymer ransomware group. On 28 February, the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations FBI, apprehended...

SUSE CVE-2012-4565

The tcpillinoisinfo function in net/ipv4/tcpillinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcpcongestioncontrol illinois setting is enabled, allows local users to cause a denial of service divide-by-zero error and OOPS by reading TCP stats...

`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

Impact If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. python import tensorflow as tf tf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None Patches We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be...

systemdesign.illinois.edu Cross Site Scripting vulnerability OBB-2935527

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

illinois.w100w.org Cross Site Scripting vulnerability OBB-2935290

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

archon.library.illinois.edu Cross Site Scripting vulnerability OBB-2910243

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

One Microsoft manager’s entrepreneurial vision for multicloud identity and access

In July 2021, Microsoft acquired CloudKnox, a leader in cloud infrastructure entitlement management CIEM. Over the past two years, I’ve had the pleasure of getting to know the founder and chief executive officer CEO, Balaji Parimi, who is now the Partner General Manager of Permissions Management ...