A new study by the University of Chicago has uncovered a vulnerability within the Meta Quest VR system that allows malefactors to hijack user devices, pilfer confidential information, and manipulate social interactions using generative...
Moxa expressed its gratitude to the experts at Positive Technologies for identifying a dangerous vulnerability in the NPort series of wireless industrial converters. Classified as CVE-2024-1220, this vulnerability was rated as high risk with...
The group known as Magnet Goblin has been actively exploiting vulnerabilities in publicly accessible servers to deploy malware on Windows and Linux systems. This group focuses on exploiting 1-day vulnerabilities—security flaws that have been...
A critical vulnerability in Fortinet’s security systems has impacted approximately 150,000 devices worldwide. The vulnerability, CVE-2024-21762 (CVSS score: 9.8), is characterized as an out-of-bounds write issue in FortiOS, enabling an unauthenticated attacker to execute...
ThreatMon, a cyber threat analysis platform, has reported the emergence of an advertisement on a notorious hacker forum offering a Zero Day exploit for WordPress for sale. The vendor claims that this exploit, implemented...
Apple has issued critical security updates to address two zero-day vulnerabilities in iOS, which have been exploited in real-world attacks against iPhone users. The company disclosed this information on March 5th in a separate...
Nepalese cybersecurity researcher Samip Aryal made history by identifying a vulnerability in Facebook’s password reset system that allowed a malefactor to seize any account without any action from the victim. Aryal’s discovery not only...
In the JetBrains TeamCity On-Premises software, two new security vulnerabilities were identified that could be exploited by malefactors to seize control over the affected systems. The vulnerabilities, assigned the identifiers CVE-2024-27198 with a CVSS...
Researchers at Consumer Reports (CR) have uncovered vulnerabilities in video doorbells manufactured by China’s Eken Group Ltd. The company, which produces devices under the EKEN and Tuck brand names, distributes its products through major...
Semperis has unveiled a novel attack technique named Silver SAML, capable of circumventing protection in identification systems. Silver SAML enables the utilization of SAML to initiate attacks from the identity provider’s side (such as...
Two Chinese hacking factions, known as UNC5325 and UNC3886, breached the security systems of software developed by Ivanti, which is deployed for safeguarding Virtual Private Networks (VPN). Mandiant experts discovered that UNC5325 exploited a...
Information has surfaced online that internet-connected 3D printers by Anycubic have been hacked to alert users to a critical vulnerability within the devices. The hacker added a file named “hacked_machine_readme.gcode,” which typically contains instructions...
