A security audit of Git’s source code, backed by Open Source Technology Improvement Fund, revealed several vulnerabilities, including two severe overflow bugs. Given Git’s widespread use in software supply chains, the vulnerabilities may have a significant security impact. One flaw, a memory corruption bug, could enable arbitrary code execution. The bugs could also be exploited to impact servers like GitHub or GitLab. The audit discovered additional issues that could lead to denial-of-service or out-of-bound reads.
US charges suspected LockBit ransomware developer
The US Department of Justice has charged Rostislav Panev, alleged developer for the LockBit ransomware group, with 41 counts including wire fraud and extortion. Panev,