NPM flaw let attackers add anyone as maintainer to malicious packages
A logical flaw in the npm registry, dubbed 'package planting' let authors of malicious packages quietly add anyone and any number…
Chinese APT Bronze President Mounts Spy Campaign on Russian Military
The war in Ukraine appears to have triggered a change in mission for the APT known as Bronze President (aka…
CISA: Log4Shell Was the Most-Exploited Vulnerability in 2021
Internet-facing zero-day vulnerabilities were the most commonly used types of bugs in 2021 attacks, according to the international Joint Cybersecurity…
Public interest in Log4Shell fades but attack surface remains
It's been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat…
GitHub restores popular Python repo hit by bogus DMCA takedown
Yesterday, following a DMCA complaint, GitHub took down a repository that hosts the official SymPy project documentation website. It turns out…
Capitol Police ordered an evacuation over ‘probable threat’ from an aircraft, but it was just a US Army skydiving team at Nationals baseball park
The U.S. Capitol Police issued an emergency evacuation order based on an aircraft they said was a "probable threat" to…
UPDATE: Joaquin Ciria Set Free After Being Exonerated in 1990 SF Homicide; ‘It Is a Happy Moment’
SAN FRANCISCO (CBS SF) — After spending over three decades of his life behind bars...
Amazon Web Services fixes container escape in Log4Shell hotfix
Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell…
Fortress Tackles Supply Chain Security, One Asset at a Time
Fortress Information Security will expand its Asset to Vendor Library to include hardware bill of materials and software bill of…
Tim Scott will take on critical race theory and Biden’s record in Reagan Library remarks
South Carolina Sen. Tim Scott (R) will warn educators against "teaching kids that they are oppressors" when he takes the…