CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

France is replacing 2.5 million Windows desktops with Linux - and I mapped out its new stack

Officially, we don't know what France's forthcoming Linux desktop will look like, but this is what my sources and experience ...

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious ...
The New York Times

New York Times - Top Stories

U.S. Rejects Iran’s Offer to Suspend Nuclear Activity for Up to 5 Years The two sides remain far apart on an agreement, as the Trump administration insisted on a 20-year suspension, according to ...