Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.
repository hosting services GitHub, GitLab and Microsoft VSTS were all impacted by a serious vulnerability that could lead to arbitrary code execution when a developer uses a malicious repository, Threatpost reports. Each of the hosting services patched the bug on Tuesday.
Google has patched a reCAPTCHA security vulnerability that allows an attacker to bypass a system.
Security firm Trustlook has found at least 25,936 malicious apps using one of Facebook’s APIs, such as a login API or messaging API. Such malicious apps could then use and abuse a range of Facebook login profiles, such as name, location and email address, according to recent blog post.
A new vulnerability dubbed "Total Meltdown" was discovered last month after Microsoft issued patches to fix the previous Meltdown vulnerabilities.
Duo Labs has found SAML protocol vulnerabilities that impact multiple vendor single sign-on (SSO) systems.
Someone has posted to GitHub the purported source code for a critical component for iPhone's bootloader or "iBoot." Access to iBoot code could allow hackers to find vulnerabilities in iOS that could be exploited in the future. iBoot is responsible for ensuring the trusted boot of the mobile operating system, in a sense like iPhone's BIOS.