Critical vulnerability discovered in Spotify Backstage platform
A vulnerability has been discovered in Spotify’s open-source Cloud Native Computing Foundation (CNCF)-incubated project Backstage, that could allow threat actors to execute remote code execution (RCE). The Oxeye research team discovered a way to escape a virtual machine (VM) sandbox by using a third-party library called vm2. Oxeye claimed to have identified more than 500 […]
Pushwoosh location scam uncovered
Pushwoosh, a software company whose code is used in thousands of widely downloaded apps, claimed to be based in the United States, even though it actually operates from Russia, and U.S. government agencies such as the Army and the Centers for Disease Control and Prevention have pulled apps with Pushwoosh code after the software company […]
Microsoft confirms and fixes Direct Access issues on Windows 10 and Windows 11
Microsoft recently confirmed a problem with Direct Access on Windows 10 and Windows 11 devices in some of its recent updates. The problem affects devices running Windows 11 versions 21H2 and 22H2, or all release versions of Windows 11 and Windows 10 versions 20H2, 21H1, 21H2, and 22H2, as well as Enterprise versions LTSC 2019, […]
