Hacker News Max severity RCE flaw discovered in widely used Apache Parquet
https://www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Apache #Apache_Parquet #Big_Data #RCE #Remote_Code_Execution #Vulnerability #virus_removal #malware_removal #computer_help #technical_support
Recent searches
Search options
#Vulnerability
0 posts0 participants0 posts today
From high-profile data breaches to emerging vulnerabilities, this week's newsletter delves into the cybersecurity landscape, giving you the knowledge to stay informed and vigilant.
#Cybersecurity #DataBreach #Vulnerability #Malware #InfoSec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-14-cd7
Cybersecurity News Weekly · Cybersecurity News Review - Week 14 (2025)
Welcome to this week's roundup of some of the most interesting cybersecurity updates. Subscribe for a concise perspective on the latest threats and protective measures in the field.
#Cybersecurity #DataBreach #Vulnerability #Ransomware #Infosec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-13-bf4
Cybersecurity News Weekly · Cybersecurity News Review - Week 13 (2025)
This week is packed with cybersecurity developments, but don't worry—this newsletter is designed to help you efficiently digest all the key updates.
#CybersecurityNews #DataBreach #Ransomware #Vulnerability #InfoSec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-12-bf0
Cybersecurity News Weekly · Cybersecurity News Review - Week 12 (2025)
Are you maximizing your Harbor registry for #container #security? Many enterprises trust #Harbor for artifact management, but pairing it with Anchore Enterprise unlocks deeper #vulnerability detection. Learn more in this on-demand webinar: https://get.anchore.com/anchore-and-harbor-increase-supply-chain-transparency/ #SBOM
Staying ahead of evolving threats requires continuous awareness of the changing security landscape. This edition highlights the week's most significant findings and developments.
#Cybersecurity #DataBreach #Ransomware #Vulnerability #InfoSec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-11-d28
Cybersecurity News Weekly · Cybersecurity News Review - Week 11 (2025)
From high-profile data breaches to emerging vulnerabilities, this week's newsletter delves into the cybersecurity landscape, giving you the knowledge to stay informed and vigilant.
#Cybersecurity #Ransomware #DataBreach #Vulnerability #InfoSec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-10
Cybersecurity News Weekly · Cybersecurity News Review - Week 10 (2025)
#SBOMs are the backbone of secure #softwaresupplychains, enabling proactive #vulnerability management and #compliance automation. But there is more - discover their full potential in our latest guide https://get.anchore.com/use-cases-for-the-entire-organization/
Are you maximizing your Harbor registry for #container #security? Many enterprises trust #Harbor for artifact management, but pairing it with Anchore Enterprise unlocks deeper #vulnerability detection. Learn more in this on-demand webinar: https://get.anchore.com/anchore-and-harbor-increase-supply-chain-transparency/ #SBOM
Tomorrow! Are you maximizing your Harbor registry for container security? Many enterprises trust #Harbor for artifact management, but pairing it with Anchore Enterprise unlocks deeper #vulnerability detection, #policy enforcement, & #SBOM-driven transparency.
Join Dan Perry & Josh Sopuru for a hands-on show & tell on:
Automating scans & continuous monitoring Preventing vulnerable image deployments Optimizing Harbor for max security
Secure your spot today! https://get.anchore.com/anchore-and-harbor-increase-supply-chain-transparency/
#Harbor seamlessly integrates with #Anchore Enterprise for added transparency and security in the supply chain. In a show and well on Feb 19 our customer success engineers are demoing:
- comprehensive #vulnerability scanning and #policy enforcement for #containers
- automation of scans for continuous #monitoring
- tips for maximizing registry config security and efficiency
Register Now https://get.anchore.com/anchore-and-harbor-increase-supply-chain-transparency/
Today is the first day of Rocky Mountain Cyberspace Symposium and the team is ready! Join us in booth #259 for a live demo or to discuss policy #compliance, #SBOM management, and #vulnerability scanning. #RMCS25 #Cybersecurity #DefenseTech
Tomorrow is day one of Rocky Mountain Cyberspace Symposium. Join us in booth #259 for live demos of our end-to-end #SBOM management, #vulnerability scanning and #policy enforcement solution. #RMCS25 #Cybersecurity
Fredericton poet explores vulnerability in new book
Poet and actor Tallas Munro remembers having to leave his Grade 4 classroom with a brown paper bag because he was having an anxiety attack. He knows something about vulnerability.
#poetry #vulnerability #anxiety #News #Canada #NewBrunswick
https://www.cbc.ca/news/canada/new-brunswick/tallas-munro-fredericton-rexton-lion-1.7453158?cmp=rss
Welcome to this week's roundup of some of the most interesting cybersecurity updates. Subscribe for a concise and informed perspective on the latest threats and protective measures in the field.
#cybersecurity #databreach #vulnerability #ransomware #phishing
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-5
Cybersecurity News Weekly · Cybersecurity News Review - Week 5 (2025)
And we are live at #WEST2025 in San Diego. See us at booth #4227 where our team looks forward to discussing your #DevSecOps, #SBOMs, #STIG and #vulnerability scanning needs and show you the latest features of Anchore. Book time with us https://get.anchore.com/2025-01-afcea-west-2025/
How vulnerable are Saskatchewan's 3 largest cities to wildfires?
With the ongoing California wildfires and last year's devastating fire in Jasper, Alta., people in Saskatchewan's largest cities may wonder how vulnerable they are.
#wildfires #vulnerability #cities #Saskatchewan #California #Jasper
https://www.cbc.ca/news/canada/saskatchewan/regina-saskatoon-prince-albert-wildfires-vulnerable-1.7441500?cmp=rss
How vulnerable are Saskatchewan's 3 largest cities to wildfires?
With the ongoing California wildfires and last year's devastating fire in Jasper, Alta., people in Saskatchewan's largest cities may wonder how vulnerable they are.
#wildfires #vulnerability #cities #Saskatchewan #California #Jasper
https://www.cbc.ca/news/canada/saskatchewan/regina-saskatoon-prince-albert-wildfires-vulnerable-1.7441500?cmp=rss
We have released #security updates (1.0.14, 1.1.11, 1.2.11, 1.3.4) to address CVE-2025-23221, a #vulnerability in #Fedify's #WebFinger implementation. We recommend all users update to the latest version of their respective release series immediately.
The Vulnerability
A security researcher identified multiple security issues in Fedify's lookupWebFinger() function that could be exploited to:
- Perform denial of service attacks through infinite redirect loops
- Execute server-side request forgery (#SSRF) attacks via redirects to private network addresses
- Access unintended URL schemes through redirect manipulation
Fixed Versions
- 1.3.x series: Update to 1.3.4
- 1.2.x series: Update to 1.2.11
- 1.1.x series: Update to 1.1.11
- 1.0.x series: Update to 1.0.14
Changes
The security updates implement the following fixes:
- Added a maximum redirect limit (5) to prevent infinite redirect loops
- Restricted redirects to only follow the same scheme as the original request (HTTP/HTTPS)
- Blocked redirects to private network addresses to prevent SSRF attacks
How to Update
To update to the latest secure version:
# For npm users
npm update @fedify/fedify
# For Deno users
deno add jsr:@fedify/fedify
We thank the security researcher who responsibly disclosed this vulnerability, allowing us to address these issues promptly.
For more details about this vulnerability, please refer to our security advisory.
If you have any questions or concerns, please don't hesitate to reach out through our GitHub Discussions, join our Matrix chat space, or our Discord server.
GitHubRelease Fedify 1.0.14 · dahlia/fedifyReleased on January 21, 2025.
Fixed several security vulnerabilities of the lookupWebFinger() function. [CVE-2025-23221]
Fixed a security vulnerability where the lookupWebFinger() function had ...
I hacked the Dutch government and all I got was this t-shirt
https://jacobriggs.io/blog/posts/i-hacked-the-dutch-government-and-all-i-got-was-this-t-shirt-24
#ycombinator #Dutch_government #NCSC_NL #bug_bounty #reward #swag #t_shirt #hacked #vulnerability #VDP
jacobriggs.ioI hacked the Dutch government and all I got was this t-shirtThe NCSC-NL (National Cyber Security Centre – Netherlands) sent me a ‘lousy’ t-shirt on behalf of the Dutch government. Together with the t-shirt was a thank you letter.