Skip to content
Security News, Assessments & Alerts Page 108

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Jul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain… 

Indian Software Firm’s Products Hacked to Spread Data-Stealing Malware

Indian Software Firm’s Products Hacked to Spread Data-Stealing Malware

Jul 01, 2024NewsroomSupply Chain Attack / Threat Intelligence Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and… 

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

Jul 01, 2024NewsroomLinux / Vulnerability OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has… 

Google to Block Entrust Certificates in Chrome Starting November 2024

Google to Block Entrust Certificates in Chrome Starting November 2024

Jun 29, 2024NewsroomCybersecurity / Website Security Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the… 

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any…