Ubuntu: Security Advisory (USN-7506-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-7456 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent affected versions not specified Description: A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to...

Polyfill Library Injected with Malware Impacting 100,000 Websites

A trusted JavaScript library, Polyfill.io, became a malware delivery system. Security experts exposed the attack and the potential consequences for website visitors. Learn how this supply chain attack highlights the importance of web development security and what steps developers can take to...

Leaked Android Platform Certificates Create Risks for Users

On November 30, 2022, a Google apvi report from Łukasz Siewierski initially filed on November 11, 2022 was made public. The report contained 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate — the application signi...

Malicious code in gulp-elsint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a663e5efe598403dc8a9b515674d048b8300441199b7e2e016ddf99c8cc72eab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Threatpost News Wrap Podcast for June 8

Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news, including a bevy of IoT device privacy incidents, a critical Adobe Flash vulnerability, and an update on the breadth and impact of the VPNFilter malware found last month by Cisco Talos...

How smart is my smart TV?

Some weeks ago, my friend asked me the headlining question while we were having a random argument about electronics. I found it to be an interesting one, particularly because it underlines the current mindset towards security of electronic devices communicable over computer networks. We are...

Explained: security certificates

As a result of my PowerShell series 1,2,3, where I used the handling of certificates as an example, mainly because I wanted a method to keep track easier of which certificates were being added by malware, I've have received some questions about how security certificates work and how they stopped...