‘GitHub Codespaces can be used for malware delivery’
Researchers warn that hackers can use GitHub Codespaces to host and deliver malware.
According to a new report from Trend Micro, threat actors can abuse the port forwarding feature in GitHub Codespaces to host and distribute malware and malicious scripts.
GitHub Codespaces became widely avai... Read more
Microsoft releases fix to remediate faulty Windows Defender update
Microsoft has released scripts to fix an issue caused by a defective Windows Defender update issued on Friday, January 13. The scripts do not address all problems, however.
The scripts are designed to help system administrators repair the damage done by the update, which created an "issue w... Read more
Google brings Rust support to Chromium
The move aims to simplify development while delivering a safer browser experience.
This week Google announced that the Chromium project is going to support third-party Rust libraries from C++ in Chromium. In fact, Google is actively pursuing adding a production Rust toolchain to their build syst... Read more
Today marks the end of Windows 7 and Windows 8.1
Microsoft ceases support for Windows 7 and Windows 8.1 starting today. Users are advised to upgrade to Windows 11 or Windows 10.
Today marks the end of Windows 7. Users will no longer receive security updates and technical support. According to StatCounter, Windows 7 powers 11 percent of all des... Read more
GitHub simplifies code vulnerability scanning
With only a few clicks, developers can configure code scanning for a repository using the new default setup introduced by GitHub.
Although GitHub's code scanning is powered by the CodeQL code analysis engine, which supports a wide range of languages and compilers, the new option is only availabl... Read more
Researchers find DoS vulnerabilities in Rust Hyper
The JFrog Security Research team has discovered and disclosed multiple DoS (Denial of Service) vulnerabilities in popular Rust projects such as Axum, Salvo and conduit-hyper.
In a recent blog post, JFrog says that all vulnerabilities stem from the same root cause, namely developers failing to se... Read more
Microsoft warns of Windows Server 2012/R2 end-of-life
Microsoft issued another warning about Windows Server 2012 and 2012 R2's reaching end-of-life status in October this year. The giant urges users to update to newer versions or Azure Virtual Machine instances.
All support for Windows Server 2012 and 2012 R2 ceases on October 10. Though mainstream... Read more
Progress acquires MarkLogic for €316 million
Progress Software acquired database provider MarkLogic for €316 million ($355 million). The acquisition should help Progress Software deliver a complete semantic data platform.
The acquisition comes with MarkLogic's NoSQL database management system, which primarily focuses on data integration... Read more
Ruby 3.2.0 includes a host of new features
The new release features WebAssembly support, production-ready YJIT optimization and more.
Ruby 3.2.0 was recently made available. The release includes major features like WASI-based WebAssembly support.
As maintainer Yui Naruse explained in his release announcement, it's "an initial port of... Read more
Malware hits PyTorch ML framework
PyTorch was hit by a malware attack involving a spoofed version of the torchtriton package late last week. The malware is reportedly capable of stealing passwords and SHH keys from affected users.
PyTorch is an open-source machine learning framework maintained by the Linux Foundation. The organi... Read more