CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious ...

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...