On January 19, 2019 the PEAR project announced, that it’s installation script had been tampered with: https://twitter.com/pear/status/1086634389465956352: Continue reading “PHP PEAR Software Supply Chain Attack”
Recent news stories highlight the danger of unwanted data exfiltration by popular applications. The use of apps is increasingly important across working environments; recognizing the potential threat that they pose and implementing appropriate safeguards tailored to organizational needs is critical.
The first publicly accessible indication of a new Spectre-NG vulnerability appeared on June 5, 2018, in a commit message on the OpenBSD project. The log message briefly provides some technical background and states three reasons for the code change, including, “post-Spectre rumors suggest that the %cr0 TS Continue reading “Spectre-NG: LazyFP State Restore Vulnerability (CVE-2018-3665)”