news
Security: Patches, Holes, and Rust
-
Security Week ☛ Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks
The high-severity use-after-free vulnerability in Samsung's KNOX security framework affected Android-powered Galaxy devices from the S9 through S25.
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by Debian (ffmpeg), Fedora (erlang, ffmpeg, prometheus, python-scrapy, python3-docs, python3.14, thorvg, tigervnc, and vips), Mageia (mumble and sslh), Oracle (389-ds:1.4, dracut, firefox, hplip, kernel, openssh, postgresql:15, redis:6, and uek-kernel), Red Hat (delve, gvisor-tap-vsock, nginx, nginx:1.24, nginx:1.26, osbuild-composer, podman, rhc, skopeo, and yggdrasil), SUSE (containerized-data-importer, graphite2, kernel, libarchive, openssh, openssh-askpass-gnome, openvswitch, openvswitch3, postfix, python-lxml, python-nltk, python-python-multipart, python-urllib3, rmt-server, terraform-provider-local, terraform-provider-null, and util-linux), and Ubuntu (google-guest-agent, haproxy, libxml2, linux-azure, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15, mysql-8.0, mysql-8.4, and nginx).
-
OpenSSF (Linux Foundation) ☛ Bridging the Gap Between Code and Research: Why SCORED ’26 Matters for Open Source Security
Let’s be completely honest about how we’ve historically handled security research: academia and open source practitioners have basically been living on two different planets. That’s why we created SCORED (the Workshop on Software Supply Chain Offensive and Defensive Research). It’s a complete reimagining of the traditional academic model.
-
Pen Test Partners ☛ Decoding Rust strings
Recently in a test I had the joy of reverse engineering the custom binary that acts as a webserver and system controller for their ARM based device. Normally this isn’t a problem: extract the binary, throw it into Ghidra, do stuff. The problem here was that the binary was in written in Rust.
-
Security Week ☛ Algerian Man Extradited to US for Running Cybercrime Marketplaces
26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy.
-
Scoop News Group ☛ Algerian man charged with running two cybercrime marketplaces
Abdellah Belmili allegedly ran two black-market websites selling stolen financial credentials and custom-built phishing kits targeting major American banks, federal prosecutors say.
-
Security Week ☛ FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances
Attackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library.
-
Security Week ☛ Canadian Electricity Provider London Hydro Discloses Data Breach
Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.
-
Krebs On Security ☛ Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.
-
Security Week ☛ Russian Initial Access Broker Behind FortiBleed Campaign
Using a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026.