Cybercriminals pose as "helpful" Stack Overflow users to push malware security.cyber Article 488 words 18 votes
Bug in glibc's iconv() function allows for RCE in PHP servers by setting charset to ISO-2022-CN-EXT to trigger buffer overflow (CVE-2024-2961) security.cyber Link 9 votes
When provided with CVE descriptions of 15 different vulnerabilities and a set of tools useful for exploitation, GPT-4 was capable of autonomously exploiting 13 of them, yielding an 87% success rate security.cyber PDF 17 votes
Twitter replaces twitter.com with x.com without user consent. Bad implementation invites an influx of phishing attacks. (German source) security.cyber Article 271 words 48 votes
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576) security.cyber programming languages Article 450 words 18 votes
On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths foss security linux Link 27 votes