The Apache Software Foundation (ASF) has addressed a vulnerability in Kafka Connect that could enable remote code execution (RCE) attacks. The flaw was spotted by bug bounty hunter Jari Jääskelä, who received a $5,000 reward. To exploit the vulnerability, an attacker would need access to a Kafka Connect worker and be able to create or modify worker connectors. More than 80% of Fortune 100 firms use the Kafka platform.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
