InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
GitHub

jpg_file_copy.py

There are only just five functions. load(filename) - Get exif data as dict. dump(exif_dict) - Get exif as bytes. insert(exif_bytes, filename) - Insert exif into JPEG ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.