TechRepublic

350,000 open source projects at risk from Python vulnerability

Fifteen-year-old N-day Python tarfile module vulnerability puts software supply chain under the microscope. Cybersecurity company Trellix announced Wednesday that a known Python vulnerability puts 350 ...
Techzine Europe

Vulnerability in open-source component puts AI platforms at risk

A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...
ZDNet

Argo CD releases patch for zero-day vulnerability

Argo CD released a patch this week for a zero-day vulnerability enabling attackers to access sensitive information like passwords and API keys. The vulnerability was discovered by Apiiro's Security ...
Computer Weekly

Trellix automates patching for 62,000 vulnerable open source projects

Trellix and GitHub have collectively fixed a total of 61,895 open source projects that were found to be susceptible to a 15-year-old path traversal vulnerability in Python’s tarfile module. The firm’s ...
Bleeping Computer

Telegram fixes Windows app zero-day used to launch Python scripts

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...