ISC StormCast for Friday, April 12th, 2024

A serious vulnerability in Windows batch file execution could lead to OS command injection attacks. Programming languages like Rust and Node.js are stepping up, while Java remains inactive. Fortinet's Linux client faces scrutiny for remote code execution flaws. The conversation also highlights Apple's new threat notifications against mercenary spyware. Developers are urged to stay alert for malicious code in open source, as a new trick has emerged in supply chain attacks.