Cybersecurity firm Trellix has patched over 61,000 open-source projects vulnerable to a 15-year-old Python bug related to the tarfile module. The widespread security flaw was reportedly embedded in around 350,000 open-source projects and potentially numerous closed-source projects. Trellix and GitHub used an automated tool to patch the repositories containing the vulnerable code. The Python bug could allow “user-assisted remote attackers” to overwrite arbitrary files. Recent discussions suggest the vulnerability may soon be patched in Python itself.
Top 5 Ransomware Attacks and Data Breaches of 2024
The year 2024 saw a series of devastating ransomware attacks and data breaches. The HealthCorps network had 5.6 million patient records compromised by the Conti