Source Code

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity

Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.

Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity Read More »

Git tool patches serious vulnerabilities

repository hosting services GitHub, GitLab and Microsoft VSTS were all impacted by a serious vulnerability that could lead to arbitrary code execution when a developer uses a malicious repository, Threatpost reports. Each of the hosting services patched the bug on Tuesday.

Git tool patches serious vulnerabilities Read More »

GitHub scans and finds 4M vulnerabilities

GitHub ran a security scan to find old vulnerabilities in JavaScript and Ruby libraries in over a half million public repositories. The scan results turned up over four million vulnerabilities and sent alerts to developers to patch the bugs. GitHub is leading software development platform used to host, review and manage software source code, used by millions of developers.

GitHub scans and finds 4M vulnerabilities Read More »

Apple’s iPhone ‘iBoot’ source code leak

Someone has posted to GitHub the purported source code for a critical component for iPhone’s bootloader or “iBoot.” Access to iBoot code could allow hackers to find vulnerabilities in iOS that could be exploited in the future. iBoot is responsible for ensuring the trusted boot of the mobile operating system, in a sense like iPhone’s BIOS.

Apple’s iPhone ‘iBoot’ source code leak Read More »