PHP PEAR Software Supply Chain Attack
On January 19, 2019 the PEAR project announced, that it’s installation script had been tampered with: https://twitter.com/pear/status/1086634389465956352:
Read more
Data in mysterious places – the subtle crisis of data harvesting apps
Recent news stories highlight the danger of unwanted data exfiltration by popular applications. The use of apps is increasingly important…
Spectre-NG: LazyFP State Restore Vulnerability (CVE-2018-3665)
The first publicly accessible indication of a new Spectre-NG vulnerability appeared on June 5, 2018, in a commit message on…