More than six years have passed since the discovery of the legendary Spectre vulnerability, yet the latest AMD and Intel processors remain susceptible to speculative execution attacks. This conclusion was reached by researchers from...
In Taiwan, a government entity and a religious organization have fallen victim to the Chinese-linked hacker group, Evasive Panda. The attackers employed a previously unknown toolset called CloudScout, designed to compromise cloud services. CloudScout...
The largest bank in the United States, JPMorgan Chase, has initiated legal action against fraudsters who illicitly withdrew substantial sums through ATMs by exploiting a system vulnerability. The situation went viral on social media...
Microsoft accuses Google of conducting a covert campaign to gain favor with European authorities and antitrust bodies. According to Microsoft, Google is deliberately concealing its involvement in a new lobbying alliance, the Open Cloud...
An audacious fraud campaign has emerged on the social network Threads, where perpetrators openly sell stolen user financial data on the platform. SpyCloud researcher Kayla Cardona reported coming across such posts while simply scrolling...
A patch has been proposed for the upcoming Linux 6.13 kernel version, redesigning the CRC32C checksum algorithm. The new implementation has reduced the code size by nearly tenfold—from 4546 bytes to 418 bytes. This...
The United States has charged Maksim Rudometov, suspected of developing and administering one of the most notorious malware programs in recent years—RedLine. This malware has been extensively used in the cybercriminal underworld to steal...
Three malicious packages, uploaded to the npm repository in September 2024, contained the well-known BeaverTail malware—a JavaScript loader and data theft tool linked to a North Korean campaign named “Contagious Interview.” The Datadog Security...
Over three dozen vulnerabilities have been identified across various open-source artificial intelligence and machine learning models, some of which enable attackers to execute remote code and steal data. Through the Protect AI bounty platform...
Cybersecurity researchers at SonicWall have released an in-depth analysis of a critical remote code execution (RCE) vulnerability in VMware vCenter Server. The vulnerability, identified as CVE-2024-38812, is linked to a heap overflow flaw within...
Cisco has introduced new security features for its ASA and Firepower Threat Defense (FTD) devices, aimed at defending against brute-force and password spraying attacks. Password spraying attacks involve attempting a single password across multiple...
Hackers are exploiting a vulnerability in SonicWall VPN to launch ransomware attacks using the Fog and Akira strains. Experts believe they are taking advantage of CVE-2024-40766—a critical flaw in the SSL VPN access control...
