A significant vulnerability has been discovered in the Linux operating system, allowing unprivileged attackers the potential to purloin passwords or alter the clipboard contents of their victims. This issue pertains to the wall command...
In a recent report by Google’s cyber experts, it was revealed that the exploitation of zero-day vulnerabilities surged by 50% in 2023, reaching a total of 97 incidents, up from 62 in the previous...
The Cybersecurity and Infrastructure Security Agency (CISA) has expressed concern over the active exploitation of a vulnerability within the Microsoft SharePoint system, which allows malefactors to launch attacks via remote code execution (RCE). The...
Mandiant specialists report that Chinese hackers, identified as UNC5174, are exploiting vulnerabilities in widely-used products to disseminate malicious software capable of installing additional backdoors on compromised Linux hosts. The attacks orchestrated by UNC5174 have...
Security researchers at Horizon3 have disclosed a Proof-of-Concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiClient EMS, which is currently being actively exploited by hackers. The SQL injection vulnerability, CVE-2023-48788 (with a CVSS...
Annually in August, thousands of cybersecurity professionals gather in Las Vegas for an event often dubbed the “hackers’ summer camp.” This period marks the convening of two of the largest information security conferences: Black...
Researchers have uncovered a grave vulnerability within the microarchitecture of Apple’s M-series chips, enabling malefactors to extract secret keys from Mac devices, encompassing both computers and laptops. The crux of the issue lies in...
Ivanti has issued a warning regarding a critical vulnerability in its Standalone Sentry product, which allows attackers to remotely execute arbitrary commands. Designated as CVE-2023-41724, this vulnerability has been rated at 9.6 on the...
In a recent report titled “The State of API Security in 2024” by Imperva, it was revealed that the majority of internet traffic, approximately 70%, is attributed to API calls. In 2023, an average...
Specialists at Check Point Research have uncovered a method of attacking Ethereum blockchain wallets via the CREATE2 function, which enables cybercriminals to circumvent standard security measures and gain unauthorized access to users’ funds. The...
The finale of the North American division of the esteemed eSports discipline Apex Legends was abruptly suspended due to a breach of “competitive integrity.” A nefarious individual managed to infiltrate the computers of professional...
Security experts have recently disclosed a high-severity vulnerability in Kubernetes that, under certain conditions, could allow an attacker to remotely execute code with elevated privileges. “The vulnerability allows remote code execution with SYSTEM privileges on...
Fortinet has released an update to rectify a critical vulnerability in the FortiClient Enterprise Management Server (EMS) software, which allowed attackers to remotely execute code on susceptible servers. FortiClient EMS provides administrators with tools...
In mid-January, security researchers identified a significant campaign distributing the malicious software DarkGate, exploiting a recently patched Microsoft Windows security vulnerability in a zero-day fashion, that is, before its correction. According to Trend Micro,...
A new threat, codenamed GhostRace (CVE-2024-2193), has been identified by research teams from the Vrije Universiteit Amsterdam and IBM Research Europe. This vulnerability compromises the foundational security tools of operating systems and may result...
The team behind GrapheneOS, which is dedicated to developing a secure iteration of the Android Open Source Project (AOSP), identified a flaw within the Bluetooth stack of Android 14 that could lead to remote...
