In the era of big data, training Vision Transformer (ViT) models on extensive datasets has become the standard for enhancing performance in various AI tasks. Visual Prompts (VP), which introduce task-specific parameters, allow efficient...
The United States Cybersecurity and Infrastructure Security Agency (CISA) included a vulnerability affecting Mirth Connect from NextGen Healthcare in its Known Exploited Vulnerabilities (KEV) catalog last Monday, May 20. The vulnerability, designated CVE-2023-43208, involves...
Tenable experts have identified a critical vulnerability in Fluent Bit, which could lead to DoS attacks and remote code execution. This flaw affects all major cloud providers, including Amazon AWS, Google GCP, and Microsoft...
Students Alexander Sherbrooke and Iakov Taranenko from the University of California, Santa Cruz, discovered a critical vulnerability in the payment system of CSC ServiceWorks laundries, allowing anyone to use the machines for free. Despite...
A group of scientists from Singapore has developed a method to interfere with the operation of autonomous vehicles that use computer vision for road sign recognition. The new technique, called GhostStripe, poses a potential...
The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities in D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of their active exploitation. The CSRF vulnerability CVE-2014-100005 affects...
On May 14, 2024, a new version of Git, v2.45.1, was released, addressing five security vulnerabilities. This update impacts all major platforms: Windows, macOS, Linux, and BSD. Corresponding updates have also been released for...
The Check Point Research team has discovered an exploit targeting Foxit Reader users, which leverages user inattention to execute malicious code. Numerous cybercriminals are actively exploiting this vulnerability, which exploits weaknesses in Foxit Reader’s...
The Belgian university KU Leuven has identified a vulnerability in the Wi-Fi IEEE 802.11 standard, which allows an attacker to deceive victims into connecting to a fake Wi-Fi network and intercepting traffic. According to...
The world’s largest vulnerability database, NVD, managed by the U.S. National Institute of Standards and Technology (NIST), recently experienced a significant disruption that led to a substantial increase in the number of unpublished vulnerabilities....
Microsoft has patched a zero-day vulnerability that was actively exploited to propagate the QakBot botnet on Windows systems. The heap-based buffer overflow vulnerability, CVE-2024-30051 (CVSS score 7.8), affects the Desktop Window Manager (DWM) library....
Microsoft has unveiled the May Patch Tuesday update, which includes fixes for 61 vulnerabilities, including three zero-day vulnerabilities that were either actively exploited or publicly disclosed prior to the patch. Among all the addressed...
Four critical vulnerabilities have been identified in VMware Workstation and Fusion products, potentially allowing attackers to access confidential information, conduct DoS attacks, and execute arbitrary code. These issues affect Workstation 17.x and Fusion 13.x...
Experts from SSD Secure Disclosure have discovered vulnerabilities in the D-Link EXO AX4800 (DIR-X4860) router, which allow an attacker to gain complete control over the device. The flaws were found in DIR-X4860 routers with...
Google has urgently released patches for a newly discovered zero-day flaw in Chrome, following reports of active exploitation by unknown attackers. The vulnerability, catalogued as CVE-2024-4947, affects the V8 JavaScript engine integral to Google’s...
The developers of Cacti, an open-source system for network monitoring and management, have addressed 12 vulnerabilities, including two critical ones leading to arbitrary code execution. Here are the most severe vulnerabilities that have been...
