Malicious Packages Spreading in AUR

US holds off blacklisting DeepSeek, more than 100 firms deemed security risks

TrustZone Intermezzo: Broken OP-TEE Memory Isolation on i.MX 8M

Unicode composition for filenames (2008)

Forward to Hell? On Misusing Transparent DNS Forwarders For Amplification Attacks

Malware in Arch Linux AURs now inserting Russian spam into shell configs

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

AI Worm

Microsoft Defender 'RoguePlanet' Zero-Day Grants SYSTEM Privileges

Running Python code in a sandbox with MicroPython and WASM

Vulnerability and malware checks in uv

On Reading SRAMs in IR Images, and Establishing Bounds on Trust

Dancing mad with sandboxing

CVE-2026-45257: LPE in FreeBSD via kTLS-RX

WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order

17 bugs in 10 weeks from AI security scanning

A Post-Quantum Future for Let's Encrypt

RS-Key: Security key. FIDO/OpenPGP firmware for RP2350

Trojaned OpenSSH (in 2002)

Rooting Home Assistant through MeshCore: XSS attacks with a LoRa node name

CVE-2026-45447: Heap Use-After-Free in the OpenSSL PKCS7_verify() Function

DOJ claims xAI's gas turbines are a matter of 'national and energy security'

Magecart skimmer turns Stripe into a malware command server

The newest Instagram “exploit” is the goofiest I've seen

High-Severity Vulnerability In Linux Caused By a Single Errant Character

Golang code review notes II

Microsoft walked away from a $3 billion deal to lease Oracle cloud capacity over security concerns

iSCSI CHAP: Heap Buffer Overflow in the Linux Kernel

Microsoft Hacked to Deliver Malware to Claude and Gemini Users

A 27-Year-Old Authentication Bypass in OpenBSD's PPP Stack

More →