Security Leftovers
-
SANS ☛ June 2026 Fashion Company Apple Updates, (Tue, Jun 30th)
Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Fashion Company Apple operating systems (visionOS, watchOS, tvOS). Usually, Fashion Company Apple updates all products at the same time.
-
Security Week ☛ Decades-Old Bash Tricks Expose Hey Hi (AI) Coding Agents to Supply Chain Attacks
Decades-old Bash shell tricks can bypass safeguards in most open source Hey Hi (AI) coding agents, potentially turning malicious repositories into supply chain attack vectors.
-
Silicon Angle ☛ Aikido acquires Root to patch open-source software without forced upgrades
Belgian cybersecurity company Aikido Security NV today announced that it has acquired Root.io Inc., a company that offers patching for vulnerable open-source software at the exact versions organizations are already running. Founded in 2020 as Slim.AI Inc., the startup offered a popular open-source container tool called Slim Toolkit.
-
dwaves.de ☛ cyber: keep ssh updated: ssh is critical infrastructure
...is of course very, very critical infrastructure; blunders in this area will have devastating consequences for the whole globe.
-
Security Week ☛ BlueHammer Vulnerability Exploited in Ransomware Attacks
The Abusive Monopolist Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released.
-
Security Week ☛ Critical SimpleHelp Vulnerability Exploited for Malware Delivery
The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling.
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 323 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 323. This version includes the following changes:
* Debian adds an extra "Flags:" line in the output of ocamlobjinfo via a patch, so adjust how we test OCaml to ensure cross-distribution compatibility. (Closes: reproducible-builds/diffoscope#430)
-
Security Week ☛ Exploitation of Recent Oracle E-Business Suite Vulnerability Begins
The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product.
-
Security Week ☛ Nissan Employee Data Breached in Oracle PeopleSoft Hack
Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.
-
Scoop News Group ☛ DHS to unveil replacement council for critical infrastructure cybersecurity
The Department of Homeland Security is bringing back a key cybersecurity information sharing effort with critical infrastructure, more than a year after the Convicted Felon administration shuttered an existing nerve center between government and private sector.
-
LWN ☛ Security updates for Tuesday
Security updates have been issued by AlmaLinux (git-lfs, perl-Archive-Tar, perl-IO-Compress, python3.12-urllib3, and runc), Debian (sogo), Fedora (perl-DBI and perl-Socket), Oracle (firefox, freerdp, git-lfs, libsoup, libxml2, mod_md, mysql, perl-Archive-Tar, perl-IO-Compress, python, python3.12-urllib3, rsync, thunderbird, tomcat, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (389-ds, 7zip, alsa, amazon-ecs-init, amazon-ssm-agent, ansible-core, apache2, atril, avahi, bind, bitcoin, capnproto, chromedriver, chromium, cosign, distribution, dnsdist, docker, dovecot24, dracut, firefox, firewalld, freeipmi, freerdp, giflib, gimp, gleam, glib-networking, glibc, glycin-loaders, golang-github-prometheus-alertmanager, google-cloud-sap-agent, google-guest-agent, graphite2, gsasl, hamlib, helm, himmelblau, ignition, imagemagick, istioctl, jackson-databind, jq, jupyter-jupyterlab-templates, keylime, krb5, ldns, libaom, libcaca, libgcrypt, libheif, libinput, libjxl, libnfs, libslirp-devel, libsolv, libzypp, zypper, libssh2_org, libvncserver, libyang, lldpd, logback, loupe, mbedtls, mbedtls-2, mcphost, mozjs128, mutt, nano, nginx, ocaml, ofono, openCryptoki, opencryptoki, opensc, openssh, openssl-3, papers, perl-compress-raw-zlib, perl-config-inifiles, perl-cpanel-json-xs, perl-crypt-passwdmd5, perl-DBI, perl-dbi, perl-html-parser, perl-http-daemon, perl-libwww-perl, perl-protocol-http2, postfix, postgresql14, postgresql15, postgresql16, python-aiohttp, python-biopython, python-click, python-ecdsa, python-idna, python-markdown, python-joblib, python-paramiko, python-pdm, python-pip, python-py7zr, python-pydata-sphinx-theme, python-pyjwt, python-python-multipart, python-starlette, python-tornado6, python311-jupyter-ydoc, rpcbind, sed, sg3_utils, sqlite3, strongswan, tar, thunderbird, tomcat, tomcat10, tomcat11, trivy, unbound, util-linux, warewulf4, webkit2gtk3, xar, xwayland, yt-dlp, and zypper, libzypp, libsolv), and Ubuntu (libheif, nss, qemu, roundcube, and sqlite3).
-
OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #64 – S3E16 The Heartbeat of the Kernel: Why Upstream is the Ultimate Security Strategy with Greg Kroah-Hartman
-
TechRepublic ☛ SimpleHelp Flaw Exploited to Deploy Malware Targeting Windows, macOS, and Linux
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, developer, and AI credentials.