Security News

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "Misconfiguration of the database."

Maintainers of the Gentoo Linux distribution have now revealed the impact and "root cause" of the attack that saw unknown hackers taking control of its GitHub account last week and modifying the...

Weak password, no 2FA, loose policies ... and only luck limited the damage The developers of Gentoo Linux have revealed how it was possible for its GitHub organization account to be hacked:...

Weak password, no 2FA, loose policies ... and only luck limited the damage The developers of Gentoo Linux have revealed how it was possible for its GitHub repository to be hacked: someone deduced...

read more

Gentoo’s quick and comprehensive response to a hack should be considered the standard against which organizations are judged for handling security breaches.

Downloaded anything from Gentoo's GitHub account yesterday? Consider those files compromised and dump them now—as an unknown group of hackers or an individual managed to gain access to the GitHub...

read more

If you downloaded anything from project's hub repos, consider it compromised If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have...