Security and Windows TCO Leftovers
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 317 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 317. This version includes the following changes:
* Limit python3-guestfs Build-Dependency to !i386. (Closes: #1132974)
* Try to fix PYPI_ID_TOKEN debugging.
-
NVISO Labs ☛ Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely
Keyloggers: A Persistent Threat
Nowadays, virtually all digital services rely on logins and authentication, from email inboxes to help desks. These involve login credentials to prove identity, typically at least a username and a password. Initially, this information is confidential from a potential attacker.
-
Security Week ☛ Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
The critical vulnerabilities affect Chrome’s WebML component and they have been reported by anonymous researchers.
-
Federal News Network ☛ Army Corps reviews Surveillance Giant Google data center proposal, seeks public input
“The focus is on helping the applicant get to ‘yes’ by making sure the proposal complies with the law, allows for reasonable development,” Jay Townsend said.
-
Security Week ☛ Google Rolls Out Cookie Theft Protections in Chrome
New Device Bound Session Credentials render stolen session cookies unusable by cryptographically binding authentication.
-
OpenSSF (Linux Foundation) ☛ Security Slam 2026: Celebrating Our Security Champions and Project Milestones
The 2026 Security Slam has officially concluded, and we couldn't be more proud of the progress made across the open source ecosystem. From automated baseline evaluations to comprehensive threat modeling, our participating projects and contributors have taken significant steps to “secure open source at the source.”
-
Security Week ☛ Critical Marimo Flaw Exploited Hours After Public Disclosure
Within nine hours, a hacker built an exploit from the unauthenticated bug’s advisory and started using it in the wild.
-
Security Week ☛ MITRE Releases Fight Fraud Framework
The document provides a behavior-based model of the tactics and techniques employed by fraudsters.
-
Security Week ☛ Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Attackers could exploit these vulnerabilities in denial-of-service, information disclosure, and arbitrary code execution attacks.
-
Security Week ☛ Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
The US government has warned that Iran-linked hackers are manipulating PLCs and SCADA systems to cause disruption.
-
Security Week ☛ Juniper Networks Patches Dozens of Junos OS Vulnerabilities
A critical-severity flaw could be exploited remotely, without authentication, to take over a vulnerable device.
-
Federal News Network ☛ Visibility is the only way to fix the public’s growing security debt
Visibility changes the equation, paving the way to strengthen cyber resilience and systematically address the vulnerability backlog in government.
-
Security Week ☛ Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
The security hole affected an EngageLab SDK and it was reported by Abusive Monopolist Microsoft to the vendor one year ago.
-
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (container-tools:rhel8, fontforge, freerdp, go-toolset:rhel8, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good, kernel, kernel-rt, libtasn1, mariadb:10.11, mysql:8.4, nginx:1.24, openssh, pcs, python-jinja2, python3.9, ruby:3.1, vim, virt:rhel and virt-devel:rhel, and xmlrpc-c), Debian (libyaml-syck-perl and openssh), Fedora (cockpit, crun, dnsdist, doctl, fido-device-onboard, libcgif, libpng12, libpng15, mbedtls, opensc, and util-linux), Red Hat (git-lfs, go-toolset:rhel8, grafana, grafana-pcp, and rhc), Slackware (libpng), SUSE (389-ds, aws-c-event-stream, bind, cockpit, cockpit-repos, corepack24, dcmtk, dnsdist, docker-compose, expat, firefox, firefox-esr, gnome-online-accounts, gvfs, gnutls, jupyter-jupyterlab-templates, kea, libIex-3_4-33, libpng16, mapserver, perl-XML-Parser, postgresql13, postgresql16, python-Pillow, python311-lupa, thunderbird, tigervnc, and tomcat10), and Ubuntu (linux-azure-fips, linux-hwe, linux-intel-iot-realtime, linux-nvidia-tegra-5.15, openssl, openssl1.0, and python-django).
-
Tom's Hardware ☛ HWMonitor and CPU-Z developer CPUID breached by unknown attackers — cyberattack forced users to download malware instead of valid apps for six hours
Unknown attackers compromised the CPUID website, redirecting users to malware-laden versions of popular tools.
-
SANS ☛ Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
I spotted an interesting piece of JavaScript code that was delivered via a phishing email in a RAR archive.
-
Linux Foundation leader impersonated in Slack phishing campaign
An attacker has been impersonating a Linux Foundation community leader and contacting open-source developers on Slack as part of a phishing campaign to steal credentials and deploy malware, the Open Source Security Foundation (OpenSSF) said in an advisory April 7.
The campaign has targeted members of the Linux Foundation’s ToDoGroup Slack workspace and related communities, wrote Christopher "CRob" Robinson, chief technology officer and chief security architect at OpenSSF, in the advisory.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ In Other News: Cyberattack Stings Stryker, backdoored Windows Zero-Day, China Supercomputer Hack
Other noteworthy stories that might have slipped under the radar: Jones Day hacked, Internet Bug Bounty program paused due to AI, new Mac stealer malware.
-
Silicon Angle ☛ Hospitals are becoming hackers’ favorite target, but downtime simply isn’t an option
Healthcare IT finds itself at a critical intersection where significant data opportunities are colliding with escalating cybersecurity threats. Rural and community hospitals, in particular, are facing intense cost strains as ransomware attacks proliferate.
-