Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers [Tue Jan 16 2024]

Hi {NAME}, Daily Headlines - 16 January 2024 ***************************************************************** Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers The bug with a perfect 10 severity score has been ripe for exploitation since May ***************************************************************** Off-Prem * Big Cloud deploys thousands of GPUs for AI – yet most appear under-utilized If AWS, Microsoft, Google were anywhere close to capacity, their revenues would be way higher On-Prem * Eben Upton on Sinclair, Acorn, and the Raspberry Pi The future's bright. The future's retro * CDW settles in lawsuit with rival reseller over Cisco sales Meanwhile pending case from Cisco accuses Dexon of selling counterfeit kit * The New ROM Antics – building the ZX Spectrum 128 If you think Sinclair’s hardware was odd, you haven’t met the people * Infosys co-founder doubles down on call for 70-hour work weeks It's not like Gandhi ever saw his kids, says Narayana Murthy * Cloudflare defends firing of staffer for reasons HR could not explain Net-taming firm lets staff go if they’re bad at ‘measurable performance targets’ or aren’t ‘right for the team’, which seems a tad contradictory Security * Thousands of Juniper Networks devices vulnerable to critical RCE bug Yet more support for the argument to adopt memory-safe languages * Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers The bug with a perfect 10 severity score has been ripe for exploitation since May * FTC secures first databroker settlement banning sale of sensitive location data Also, iOS spyware abused Apple's own ECC, breach victim says it can't figure out what hackers took, and some critical vulns * China loathes AirDrop so much it's publicized an old flaw in Apple's P2P protocol Infosec academic suggests Beijing's warning that iThing owners aren't anonymous deserves attention outside the great firewall too Software * Microsoft prices new Copilots for individuals and small biz vastly higher than M365 alone Intros ‘Pro’ AI for creators, ditches 300-seat requirement for business use * Reports China's military is using Baidu's AI lead to stock plunge Web giant retorts that researchers simply used its publicly available APIs * Microsoft braces for automatic AI takeover with Copilot at Windows startup Experiment is limited to the Insider Dev Channel. For now * KDE 6 hits RC-1 while KDE 5 brings fresh spin on OpenBSD New versions and ports of the Plasma desktop ahoy * WTF? Potty-mouthed intern's obscene error message mostly amused manager Who's going to complain about free labor? * Linus Torvalds postpones Linux 6.8 merge window after being taken offline by storms Roads are icy and drivers are dangerous. There will be no Starbucks run. Offbeat * Musk claims that venting liquid oxygen caused Starship explosion Billionaire suggests a payload would have solved the problem. And we have a suggestion for who that payload could be * Crippled Peregrine lunar lander set for fiery return to Earth in matter of days Doing science and still alive ... but not for long * AI and robots join forces to cook up proteins faster Applications across chemistry, energy, and medicine await human-free acceleration ------------------------------------------------------------------------ This email was sent to {EMAIL} You can update your preferences here: or unsubscribe from this list: Situation Publishing Ltd, 315 Montgomery Street, 9th & 10th Floors, San Francisco, CA 94104, USA The Register and its contents are Copyright © 2024 Situation Publishing. All rights reserved. Find our Privacy Policy here: