The US Cybersecurity and Infrastructure Security Agency (CISA) has identified a medium-severity vulnerability in Versa Director, which has been exploited actively. Tracked as CVE-2024-39717, the flaw involves a file upload bug in the “Change Favicon” feature, enabling threat actors to upload malicious files disguised as PNG image files. Federal Civilian Executive Branch agencies are required to apply vendor-provided fixes by September 13, 2024.
Chainguard launches malware-resistant dependencies for Python
Chainguard is launching Chainguard Libraries for Python, a malware-resistant index of Python dependencies built securely to eliminate supply chain vulnerabilities. In response to the risk
