Ars Technica

Secure Boot-neutering PKfail debacle is more prevalent than anyone knew

A supply chain failure that compromises Secure Boot protections on computing devices from across the device-making industry extends to a much larger number of models than previously known, including ...
CSOonline

Threat actors scanning for apps incorporating vulnerable Spring Boot tool

Enterprise admins who haven’t yet mitigated a two-month-old vulnerability in apps that incorporate the open source Spring Boot tool could be in trouble: Attempts to exploit the hole are still ongoing.