A Department of Energy (DOGE) employee Jordan Wick has been publicly sharing sensitive work-related code on GitHub, including a Twitter DM downloader and geospatial data analysis tools for undersea cables and critical minerals.
Cloudflare has released its 2024 Transparency Reports with expanded content and a new format, influenced by EU's Digital Services Act requirements. The reports are now divided into two sections covering Legal Requests for Information and Abuse Processes, featuring new data points and machine-readable formats. The company maintains its decade-long commitment to transparency while adapting to regulatory changes and service growth.
A widespread scam operation on GitHub involves thousands of repositories distributing malware disguised as game mods and cracked software. The malware, known as Redox stealer, collects sensitive data including passwords, crypto wallets, and gaming accounts from victims' computers, then sends it to Discord servers for exploitation.
Carlos Slim has terminated collaboration with Elon Musk's Starlink following controversial accusations, redirecting $22 billion investment to Chinese and European companies. The decision came after Musk posted unsubstantiated claims about Slim's alleged criminal connections, resulting in a $7 billion loss for Musk and reduced US commercial presence in Latin America.
IBM has completed its $6.4 billion acquisition of HashiCorp, integrating advanced cloud infrastructure automation and security capabilities into its portfolio. The merger aims to help enterprises manage hybrid cloud environments more efficiently, with HashiCorp's Terraform and Vault products now available through IBM's automation software lineup. The acquisition strengthens IBM's position in multiple growth areas including Red Hat, watsonx, and IT automation.
Memory safety vulnerabilities have been a persistent security challenge costing billions, prompting a call for industry-wide standardization and secure-by-design practices. Recent advancements in memory-safe languages like Rust and hardware technologies offer promising solutions for widespread adoption. Google advocates for establishing a common framework to assess memory safety assurances and drive industry-wide adoption of secure practices.
A legal battle over database schema access through FOIA requests in Illinois reached the state Supreme Court, ultimately ruling that schemas could be withheld as 'file layouts.' New legislation (SB0226) aims to require public bodies to provide database structure descriptions, enabling citizens to request specific database queries.
Federal judges have blocked DOGE from accessing personal data held by multiple US government departments, including Education, OPM, and Treasury. The rulings came after lawsuits filed by various parties, including the American Federation of Teachers and 19 states led by New York, citing Privacy Act violations and potential irreparable harm.
SubImage, built on the open-source Cartography security graph, helps security teams identify and fix infrastructure vulnerabilities before attackers find them. The platform maps infrastructure, emulates adversary behavior, and provides actionable recommendations through a hosted solution that allows deep customization and integration with various data sources.
Cloudflare has initiated legal proceedings against LaLiga over IP blocking measures that affected millions of unrelated website users. The dispute arose after LaLiga blocked two pirate streaming platforms using Cloudflare's technology, affecting shared IP addresses that hosted thousands of legitimate domains.