Security Leftovers
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (.NET 8.0, firefox, kernel, kernel-rt, libssh, and perl-JSON-XS), Debian (ark and libphp-adodb), Fedora (chromium and gi-docgen), Mageia (quictls), Oracle (.NET 8.0, .NET 9.0, firefox, httpd, kernel, libsoup3, libssh, microcode_ctl, and webkit2gtk3), SUSE (go1.24, go1.25, krb5, python-ldap, and webkit2gtk3), and Ubuntu (gst-plugins-base1.0, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-intel-iot-realtime, linux-realtime, and python-ldap).
-
Dark Reading ☛ Is Your Car a BYOD Risk? Researchers Demonstrate How
At BSides NYC on Oct. 18, Threatlight chief technology officer (CTO) and co-founder Tim Shipp detailed a proof-of-concept (PoC) attack chain that began in a parked car and ended in corporate Linux servers and ESXi hypervisors. Call it a BYOC — a bring-your-own-car attack. And it required only a few cheap gadgets.
The key (pun intended) was the driver's phone — using the car to reach the phone, then using the phone to reach the company's network.
-
Federal News Network ☛ F5 hack highlights persistent supply chain security concerns
The F5 breach targets a "foundational technology" relied upon by government agencies and critical infrastructure operators.
-
Security Week ☛ Over 73,000 WatchGuard Firebox Devices Impacted by Recent Critical Flaw
Affecting the Fireware OS iked process, the vulnerability can lead to remote code execution and does not require authentication.
-
Security Week ☛ CISA Warns of Exploited Apple, Kentico, Abusive Monopolist Microsoft Vulnerabilities
Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list.
-
Security Week ☛ Government, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ Campaign
A threat actor has been infecting servers of high-profile entities with backdoors to exfiltrate information and deploy additional payloads.
-
Bruce Schneier ☛ A Cybersecurity Merit Badge
Scouting America (formerly known as Boy Scouts) has a new badge in cybersecurity. There’s an image in the article; it looks good.
I want one.
-
XSAs released on 2025-10-21
The Xen Project has released one or more Xen security advisories (XSAs).
-
Scoop News Group ☛ Researchers uncover remote code execution flaw in abandoned Rust code library
The high-severity defect affects a widely used — but largely hidden — archive tool that spans many forks.
-
OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #43 – S2E20 Building Trust in Open Source: Seth Larson’s Journey from Maintainer to Security Leader
Seth Larson, Security Developer-in-Residence at the Python Software Foundation, joins What’s in the SOSS? to discuss trust, documentation, and the evolution of secure-by-default practices in open source.
-
Security Week ☛ Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware
The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns.