Tux Machines

FUD and Openwashing

Posted by Roy Schestowitz on Oct 15, 2022

=> Programming Leftovers | Open Hardware: DIY, Raspberry Pi, and Arduino

Linux, Windows and macOS Hit By New "Alchimist' Attack Framework [Ed: Trying to blame "GoLang" because people write programs in GoLang and "Linux" because people can install malware on Linux]

=> ↺ Linux, Windows and macOS Hit By New "Alchimist' Attack Framework

It is implemented in GoLang and implants the Insekt RAT on the compromised systems.

This Week In Security: Npm Timing Leak, Siemens Universal Key, And PHP In PNG [Ed: Microsoft failure, but someone the media always failed to mention that!]

=> ↺ This Week In Security: Npm Timing Leak, Siemens Universal Key, And PHP In PNG | ↺ Microsoft failure

First up is some clever wizardry from the [Aqua Nautilus] research team, who discovered a timing attack that leaks information about private npm packages. The setup is this, npm hosts both public and private node.js packages. The public ones are available to everyone, but the private packages are “scoped”, meaning they live within a private namespace, “@owner/packagename” and are inaccessible to the general public. Trying to access the package results in an HTTP 404 error — the same error as trying to pull a package that doesn’t exist.

Benefits of working with open source data quality solutions

=> ↺ Benefits of working with open source data quality solutions

=> gemini.tuxmachines.org