CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

France is replacing 2.5 million Windows desktops with Linux - and I mapped out its new stack

Officially, we don't know what France's forthcoming Linux desktop will look like, but this is what my sources and experience ...

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

Beware! This "Windows 11 24H2" update download can quietly steal your sensitive data0 0

This Windows 11 24H2 update download could quietly compromise your system and steal sensitive personal data, putting your system's privacy and security at serious risk.
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...