Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Infosecurity Magazine

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 ...

OpenAI is acquiring open source Python tool-maker Astral

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Apple releases critical security update for older iPhones and iPads to address Coruna exploit

Apple has released important updates for older iPhones and iPads that do not run the newer versions of iOS and iPadOS. These updates include security patches to counter a dangerous exploit kit, that ...
IEEE

Toward Automatic Heap Exploit Generation by Using Heap Layout Constraints on Binary Programs

Abstract: Automatic exploit generation (AEG) is widely recognized as one of the most effective methods for assessing the risk level of vulnerabilities. To exploit heap-related vulnerabilities, it is ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

AI helps novice threat actor compromise FortiGate devices in dozens of countries

Generative AI tools analyzed target networks and wrote exploit code, enabling an opportunistic attacker to have an outsized ...