Windows devices could be targeted with command injection attacks exploiting the maximum severity Rust standard library vulnerability, tracked as CVE-2024-24576, The Hacker News reports.

This month’s bumper crop of patches includes two Microsoft didn’t initially acknowledge were being exploited in the wild.

Jim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats.

Varonis researchers say until Microsoft issues a patch, companies should watch their SharePoint environments for unusual activity.

The critical SQL injection flaw was reported through Wordfence for a record $5,500 bug bounty.

Binarly has issued a free online tool that would facilitate scanning a newly discovered backdoor and maximum severity vulnerability in xz tools and libraries used by major Linux distributions, tracked as CVE-2024-3094, across Linux binaries amid significant security risks, according to Security Affairs.

Ibis Budget hotels across Europe had keypad codes that could be leveraged for room entry exposed due to a security flaw impacting its self check-in kiosks, SecurityWeek reports.