Latest articles

New NGate variant hides in a trojanized NFC payment app. ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI.
PackageKit could be made to install packages as the administrator.
Several security issues were fixed in strongSwan.
Multiple security issues were discovered in cpp-httplib, a C++ cross platform HTTP/HTTPS library, which could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 0.18.7-1+deb13u1. We recommend that you upgrade your cpp-httplib packages.
Maik Schaefer discovered that a TOCTOU race condition in PackageKit (a package management service over a DBus interface) could result in local privilege escalation. For Debian 11 bullseye, this problem has been fixed in version 1.2.2-2+deb11u1.
Multiple vulnerabilities were fixed in strongSwan, an IKE/IPsec suite. CVE-2026-35328: A vulnerability in libtls related to the processing of the supported_versions extension in TLS that can result in an infinite loop.
An update that solves one vulnerability can now be installed.
SpaceX secures option to acquire AI coding startup Cursor for $60B
Google unleashes even more AI security agents to fight the baddies
Lateral Movement Detection Strategies for Linux Systems
France’s ‘Secure’ ID agency probes breach as crooks claim 19M records
Scotland Yard can keep using live facial recognition on people in London, say judges
AI is upending the SaaS game
Google’s Gemma 4 shines on local systems – both big and small
Oil crisis? What oil crisis? IT spending de-coupled from wider war shock
Mythos found 271 Firefox flaws – but none a human couldn’t spot
https://security-tracker.debian.org/tracker/DSA-6223-1
https://security-tracker.debian.org/tracker/DSA-6224-1
https://security-tracker.debian.org/tracker/DSA-6225-1
https://security-tracker.debian.org/tracker/DSA-6226-1
https://security-tracker.debian.org/tracker/DSA-6227-1
https://security-tracker.debian.org/tracker/DSA-6228-1
Nation-states want to cause harm, not just steal cash – stop handing your cyber defenses to the cheapest contractor
Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide
More Cisco SD-WAN bugs battered in attacks
What the ransom note won’t say. An attack is what you see, but a business operation is what you’re up against.
macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets
Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords
Snowflake offers help to users and builders of AI agents
AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account
Amazon’s $5B Anthropic bet is really about compute, not just cash
Crook claims to leak ‘video surveillance footage’ of companies
Met police trials snoop tech platform in push to cuff more London shoplifters
Andrew Nesbitt discovered that .install file directives were insufficiently restricted in OPAM, a package manager for OCaml. This could result in directory traversal out of the package area. For Debian 11 bullseye, this problem has been fixed in version 2.0.8-1+deb11u1.
Yarden Porat found a heap-based buffer overwrite in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if malformed documents are opened. For Debian 11 bullseye, this problem has been fixed in version 1.17.0+ds1-2+deb11u2.
From the engine room to the bridge: What the modern leadership shift means for architects like me
Enterprises are rethinking Kubernetes
The cookbook for safe, powerful agents
Addressing the challenges of unstructured data governance for AI
GitHub pauses new Copilot sign-ups as agentic AI strains infrastructure
Security update for rootlesskit. Announcement ID: SUSE-SU-2026:1493-1. Release Date: 2026-04-20T15:58:01Z. Rating: important. References:
An update that can now be installed.
Security update for rootlesskit. Announcement ID: SUSE-SU-2026:1494-1. Release Date: 2026-04-20T15:58:21Z. Rating: important. References:
Security update for containerd. Announcement ID: SUSE-SU-2026:1495-1. Release Date: 2026-04-20T16:00:19Z. Rating: important. References:
Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul
Panasonic creates device-locked QR codes to speed facial biometric capture
Iran claims US used backdoors to knock out networking equipment during war
https://security-tracker.debian.org/tracker/DSA-6221-1
https://security-tracker.debian.org/tracker/DSA-6222-1
Vibe coding upstart Lovable denies data leak, cites ‘intentional behavior,’ then throws HackerOne under the bus