The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...
Geeky Gadgets

Anaconda Code add-in for Microsoft Excel

Anaconda a prominent provider of data science, machine learning, and AI solutions, has announced the public beta release of Anaconda Code within its Anaconda Toolbox for Excel. This new feature allows ...
Bleeping Computer

Google's TensorFlow drops YAML support due to code execution flaw

TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability. YAML or Yet ...

Malicious Blender model files deliver StealC infostealing malware

A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D ...

Decades-old command resurfaces in modern malware campaigns

The "finger" command remains exploitable for remote code execution even after years of disuseAttackers use batch scripts to ...
Threat Post

Remote Code Execution Bug Found in Ubuntu Quantal

A remote code execution bug in Ubuntu Desktop was patched; the vulnerability affected all default installations of Quantal version 12.10 and later. A remote code execution bug has been patched in the ...
Hackaday

Reliably Exploiting Apport In Ubuntu

[Donncha O’Cearbhaill] has successfully exploited two flaws in Apport, the crash report mechanism in Ubuntu. Apport is installed by default in all Ubuntu Desktop installations >= 12.10 (Quantal).