Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code...
Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that could allow attackers to install malicious software on endpoints. The vulnerability,...
View ArticleKansas City Man Indicted for Hacking into Nonprofit and Health Club
A 31-year-old man has been indicted by a federal grand jury for hacking into the computer systems of a nonprofit organization and a health club business. The indictment, unsealed today,... The post...
View ArticleKeycloak Patches Multiple Vulnerabilities in Latest Update
Open-source identity and access management platform Keycloak has released important security updates to address multiple vulnerabilities, including risks of denial-of-service attacks, information...
View ArticleVMware Aria Operations Hit By Multiple Vulnerabilities
VMware has recently issued patches to address multiple vulnerabilities affecting its Aria Operations product. The vulnerabilities, responsibly reported to VMware, range in severity from Important to...
View ArticlePrivacy and Financial Security at Risk: McAfee Labs Warns of SpyLoan...
McAfee Labs has unveiled alarming findings about the surge in SpyLoan applications, a category of predatory loan apps exploiting social engineering tactics to compromise user privacy and financial...
View ArticleCVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation
GitLab has released critical security updates to address multiple vulnerabilities affecting its Community Edition (CE) and Enterprise Edition (EE) products. Versions 17.6.1, 17.5.3, and 17.4.5 contain...
View ArticleUnpatched NTLM Flaws Leave Microsoft Systems Vulnerable
Microsoft’s NTLM protocol has once again become the focus of serious cybersecurity concerns, according to a recent report by Michael Gorelik at Morphisec. The report highlights several unpatched...
View ArticlemacOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published
Security researcher Gergely Kalman has detailed a high-severity vulnerability in Apple’s MallocStackLogging framework that could allow attackers to gain local privilege escalation (LPE) on macOS...
View ArticleRomCom Exploits Zero-Days in Firefox (CVE-2024-9680) & Windows...
In a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day vulnerabilities in both Mozilla Firefox and...
View ArticleOperation Serengeti: Major Cybercrime Sweep Across Africa Nets 1,006 Suspects
Interpol and Afripol recently concluded Operation Serengeti, a joint operation spanning 19 African countries. This massive crackdown resulted in the arrest of 1,006 suspects and the dismantling of...
View ArticleCVE-2024-0130: NVIDIA Patches High-Severity Vulnerability in UFM Products
NVIDIA has recently released a firmware update to address a high-severity vulnerability affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products. The vulnerability, identified as...
View Article19,000 Banned: Call of Duty: Black Ops 6’s AI Anti-Cheat in Action
Activision Blizzard is taking a stand against rampant cheating in its latest release, Call of Duty: Black Ops 6, by integrating AI technology into its anti-cheat system. The move comes... The post...
View ArticleBlue Yonder Grapples with Ransomware Attack, Disrupting Global Supply Chains
Blue Yonder, a leading provider of AI-driven supply chain solutions, has been hit by a ransomware attack, impacting its managed services hosted environment. The incident, which occurred on November...
View ArticleIntel Secures Nearly $8 Billion in CHIPS Act Funding to Boost US...
Intel Corporation has been awarded 7.86 billion in funding under the U.S. CHIPS and Science Act, a major step towards bolstering domestic semiconductor manufacturing and reducing reliance on overseas...
View ArticleMicrosoft Clarifies: Your Word and Excel Data Isn’t Training Our AI
A recent viral post sparked concern among Microsoft Office users, claiming that their Word and Excel data was being harvested to train AI models. The post, which gained significant traction... The post...
View ArticleESET Unveils “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems
ESET researchers have unveiled Bootkitty, the first UEFI bootkit designed to target Linux systems, marking a new chapter in the evolution of UEFI threats. While previous bootkits exclusively targeted...
View ArticleCloudflare Logs Suffer Critical Failure, Losing 55% of User Data
Cloudflare, the internet infrastructure giant, experienced a major outage on November 14th, resulting in the irreversible loss of over half of its log data. The outage, which lasted for 3.5... The post...
View ArticleCVE-2024-11680 (CVSS 9.8): Critical ProjectSend Vulnerability Actively...
A critical vulnerability in the open-source file-sharing web application ProjectSend, identified as CVE-2024-11680, is being actively exploited in the wild, according to a report by VulnCheck. Despite...
View ArticleSMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware...
A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged by the financially motivated threat actor UNC2465. Active since 2019, SMOKEDHAM plays a... The...
View ArticleYear-Long Supply Chain Attack: Malicious NPM Package Compromises...
The Checkmarx Security Research Team has uncovered a year-long supply chain attack involving the malicious NPM package @0xengine/xmlrpc. What began as a legitimate XML-RPC implementation in October...
View Article