使用Player FM应用程序离线!
Episode 116: Packagist Patch Shows how Supply Chain Threats Could Impact WordPress
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on October 25, 2021 06:08 (). Last successful fetch was on September 16, 2021 15:41 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 291927049 series 2491387
A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to cause Composer to download the wrong source code, potentially affecting all WordPress sites. Packagist reports that it's not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over 100k sites. Vulnerabilities were discovered in Exim mail server, including 3 RCE vulnerabilities. We’re seeing some of the first trickle-down attacks from the Codecov supply chain attack, first from HashiCorp and also from Twilio. Apple releases iOS 14.5.1 to patch vulnerabilities in WebKit that are being exploited in the wild, a DDoS takes down Belgium, Peloton exposes customer information, and Signal taunts Facebook with a rejected advertising campaign.
125集单集
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on October 25, 2021 06:08 (). Last successful fetch was on September 16, 2021 15:41 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 291927049 series 2491387
A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to cause Composer to download the wrong source code, potentially affecting all WordPress sites. Packagist reports that it's not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over 100k sites. Vulnerabilities were discovered in Exim mail server, including 3 RCE vulnerabilities. We’re seeing some of the first trickle-down attacks from the Codecov supply chain attack, first from HashiCorp and also from Twilio. Apple releases iOS 14.5.1 to patch vulnerabilities in WebKit that are being exploited in the wild, a DDoS takes down Belgium, Peloton exposes customer information, and Signal taunts Facebook with a rejected advertising campaign.
125集单集
所有剧集
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。