Glob’s Got a Bug: Update Now or Risk Code Chaos!
Researchers have discovered a remote code execution flaw in the glob file pattern matching library’s CLI tool. This vulnerability, which affects versions v10.2.0 through v11.0.3, could allow attackers to execute code by exploiting the tool’s -c flag. Users meeting the vulnerability criteria should update their installations immediately.
Hot Take:
Glob users, beware! The file-matching library has been carrying a stowaway vulnerability for years that could turn your shell into a ticking time bomb! Meanwhile, CISA warns us to watch the skies for rogue drones, and in the world of cryptocurrency, it seems that crime doesn’t pay—unless you count prison time. Oh, and Cox Communications? They’re living up to their name by getting caught up in yet another data breach debacle!
Key Points:
- Glob’s CLI tool has a remote code execution flaw affecting versions v10.2.0 to v11.0.3.
- CISA warns of the growing threat of drone-related cybersecurity risks.
- Chinese-aligned threat actors are hijacking DNS traffic with the EdgeStepper implant.
- Samourai Wallet cofounders sentenced for cryptocurrency laundering.
- Cox Enterprises suffers data theft in Oracle E-Business software breach.