A security audit of Git’s source code, backed by the Open Source Technology Improvement Fund, revealed several vulnerabilities, including two severe overflow bugs. Given Git’s widespread use in software supply chains, the vulnerabilities may have a significant security impact. One flaw, a memory corruption bug, could enable arbitrary code execution. The bugs could also be exploited to affect servers such as GitHub or GitLab. The audit discovered additional issues that could lead to denial of service or out-of-bounds reads.

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage cyber attack has been identified by Palo Alto Networks Unit 42, utilising malware families like Agent Tesla variants, Remcos RAT, and XLoader.