Volkswagen’s Cariad Exposes Location Data of 800,000 Electric Vehicles
A “misconfiguration” in Volkswagen’s automotive software subsidiary, Cariad, has led to a significant data breach, exposing the location data of approximately 800,000 electric vehicles across its...
View ArticleAI Dev Gallery: Microsoft Unleashes On-Device AI for Windows 11
Microsoft has recently introduced an open-source development resource called “AI Dev Gallery” for devices equipped with the Windows 11 operating system and branded as “AI PCs.” This resource enables...
View ArticleLLMs Crack the Code: 95% Success Rate in Hacking Challenge
A recent study demonstrates the transformative potential of large language models (LLMs) in offensive cybersecurity tasks. Researchers Rustem Turtayev, Artem Petrov, Dmitrii Volkov, and Denis Volk have...
View ArticlePLAYFULGHOST Malware: A Sophisticated Gh0st RAT Variant with Advanced...
A detailed analysis from security researcher Tatsuhiko at Google has unveiled the sinister capabilities of PLAYFULGHOST, a highly sophisticated backdoor rooted in the notorious Gh0st RAT. Leveraging...
View ArticleMalware Targeting the Ukrainian Military: SSH Over TOR Backdoor Unveiled
Security researcher Artem Baranov has detailed a sophisticated malware campaign targeting the Ukrainian military through a backdoor leveraging SSH over TOR. The campaign exploits the digital...
View ArticleIPMsg Installer Weaponized: Lazarus Group Targets Crypto & Finance
The notorious APT-C-26 (Lazarus) group, known for its advanced persistence and cyber espionage tactics, has resurfaced with a new campaign targeting financial institutions and cryptocurrency exchanges....
View ArticleIBM’s HashiCorp Acquisition Under Scrutiny: CMA Investigates Competition...
The United Kingdom’s Competition and Markets Authority (CMA) recently announced that it would launch an investigation into IBM’s $6.4 billion acquisition of HashiCorp, a software company specializing...
View ArticleStealthy UEFI Bootkit Targets Windows Kernel, Raising Security Concerns
Security researchers NSG650 and Pdawg have unveiled a proof-of-concept UEFI bootkit that exploits a critical firmware function to compromise the Windows kernel during the boot process. This bootkit...
View Article66,000 DrayTek Gateways Vulnerable to Remote Command Injection...
Security researcher Netsecfish has discovered a command injection vulnerability, tracked as CVE-2024-12987, in the web management interface of popular DrayTek gateway devices. This flaw could enable...
View ArticleCVE-2024-11944: TrueNAS CORE Vulnerability Allows Unauthenticated Attacks
A critical vulnerability has been uncovered in TrueNAS CORE, the popular open-source network-attached storage (NAS) operating system. Tracked as CVE-2024-11944 and assigned a CVSS score of 7.5, this...
View ArticleTreasury Department Hit by Major Cybersecurity Incident, China Suspected
The U.S. Department of the Treasury has disclosed a major cybersecurity incident, potentially compromising sensitive government information. In a letter to the Senate Committee on Banking, Housing, and...
View ArticleCISA Warns of Actively Exploited Palo Alto Firewall Flaw (CVE-2024-3393)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited vulnerability in Palo Alto Networks PAN-OS firewall software. This critical flaw,...
View ArticleCisco Confirms No Breach After Threat Actor Releases More Data
Cisco has reassured customers and the public that its systems remain secure following recent social media posts and a data breach by a threat actor known as IntelBroker. The company... The post Cisco...
View ArticleLineageOS 22.1 Blasts Off: A New Era of Customization with Android 15!
The LineageOS team has smashed expectations with a lightning-fast release of LineageOS 22.1, based on Android 15 QPR1. Thanks to a surge in passionate contributors and new project leaders, the... The...
View ArticleCVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw
A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server. Rated The post CVE-2024-21182: PoC Exploit Code Published for...
View ArticleD-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits
D-Link has issued a critical advisory urging users to retire and replace several legacy router models, including the The post D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits...
View ArticleNew Research Reveals a Novel “Bad Likert Judge” Technique to Jailbreak LLMs
Researchers at Unit 42 have discovered a new technique, dubbed “Bad Likert Judge,” that can bypass the safety The post New Research Reveals a Novel “Bad Likert Judge” Technique to Jailbreak LLMs...
View ArticleFrom Fake Installers to Stolen Credentials: Decoding the LegionLoader Threat
TRAC Labs has released an in-depth report on LegionLoader, a sophisticated downloader malware that has evolved significantly since The post From Fake Installers to Stolen Credentials: Decoding the...
View ArticleCVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for...
Progress Software Corporation, a global provider of products to develop, deploy, and manage high-impact business applications, has issued The post CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues...
View ArticlePoC Exploit Released for Zero-Click Vulnerability CVE-2024-49113 in Windows
SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. The post PoC Exploit Released for Zero-Click...
View Article