The Apache Software Foundation (ASF) has addressed a vulnerability in Kafka Connect that could enable remote code execution (RCE) attacks. The flaw was spotted by bug bounty hunter Jari Jääskelä, who received a $5,000 reward. To exploit the vulnerability, an attacker would need access to a Kafka Connect worker and be able to create or modify worker connectors. More than 80% of Fortune 100 firms use the Kafka platform.
NSA warns that overlooked botnet technique threatens national security
The National Security Agency (NSA) has warned that fast flux, a technique used by cybercriminals and hostile nations to hide their activities, is a significant
