A memory corruption vulnerability in the open-source libcue library can allow attackers to execute arbitrary code on Linux systems running the GNOME desktop environment. The libcue library is part of the Tracker Miners file metadata indexer, included in the latest GNOME versions. Attackers can exploit the flaw by enticing a user to download a malicious .CUE file. The memory corruption flaw is activated when the malicious file is automatically parsed by the Tracker Miners metadata indexer. Users are advised to update systems to mitigate risks.
Investigation underway after Pittsburgh Regional Transit alerts riders of cybersecurity incident – WTAE Pittsburgh
An investigation is underway after Pittsburgh Regional Transit alerted riders of a cybersecurity incident. WTAE Pittsburgh reported on the incident.