Cybersecurity firm Trellix has patched over 61,000 open-source projects vulnerable to a 15-year-old Python bug related to the tarfile module. The widespread security flaw was reportedly embedded in around 350,000 open-source projects and potentially numerous closed-source projects. Trellix and GitHub used an automated tool to patch the repositories containing the vulnerable code. The Python bug could allow “user-assisted remote attackers” to overwrite arbitrary files. Recent discussions suggest the vulnerability may soon be patched in Python itself.
Guilty Plea Hearing Delayed for Van Nuys Man Facing Computer Spyware Charge
Edmond Chakhmakhchyan has agreed to plead guilty to a federal conspiracy charge over allegations that he schemed to market and sell malware, accepting Bitcoin payments
