2600
Defcon
North American Network Operators' Group
Hacker News
- Working in the office 5 days/week to build company culture is a myth: PwC report
- Hachette vs. Internet Archive: We're Still Fighting for Fair Use
- Apple Shares Full iPhone 16 and iPhone 16 Pro Repair Manuals
- CISA boss: Makers of insecure software are the real cyber villains
- How do archivists package things? The battle of the boxes
Tech Radar
- How to watch Argentina vs South Africa: free live streams for 2024 Rugby Championship game
- NYT Strands today — hints, answers and spangram for Saturday, September 21 (game #202)
- Quordle today – hints and answers for Saturday, September 21 (game #971)
- NYT Connections today — hints and answers for Saturday, September 21 (game #468)
- This AI Teddy Bear can make up new bedtime stories to tell you every night
The Risks Forum
Open Source Security
- Performance Co-Pilot (PCP): pmcd network daemon security issues and review results (CVE-2024-45769), (CVE-2024-45770)
- CVE-2024-45537: Apache Druid: Users can provide MySQL JDBC properties not on allow list
- CVE-2024-45384: Apache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack
- CVE-2024-22399: Apache Seata: Remote Code Execution vulnerability via Hessian Deserialization in Apache Seata Server
- [SECURITY ADVISORY] curl: CVE-2024-8096: OCSP stapling bypass with GnuTLS