Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
ADTmag

Feature Set Locked as Oracle Enters Stabilization Phase

Nine Java Enhancement Proposals make the final cut as OpenJDK shifts from feature development to bug fixing ahead of a September release.
SecurityWeek

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...
note

Don't let your Minecraft resource packs be unzipped! Explaining the ultimate compression software, "PackSquash"!

PackSquash can optimize multiple files such as images, audio, JSON files, and BlockBench model files. It can also perform obfuscation to make ZIP extraction difficult. PackSquash is an optimization ...
GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
GitHub

registry_keys_used_for_persistence.yml

description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...