mardi 3 octobre 2023 à 18:37
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation.
Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity.
"There are indications from Google Threat Analysis Group and Google Project Zero that CVE-2023-33106, CVE-2023-33107,
mardi 3 octobre 2023 à 18:24
Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems.
Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch.
"These vulnerabilities [...] can lead to a full chain Remote
mardi 3 octobre 2023 à 16:59
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data from developer systems, according to findings from Fortinet FortiGuard Labs.
One set of packages – named @expue/webpack, @expue/core, @expue/vue3-renderer, @fixedwidthtable/fixedwidthtable, and @virtualsearchtable/virtualsearchtable – harbored an obfuscated
mardi 3 octobre 2023 à 13:52
APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their own applications.
However, this increased reliance on