Cybersecurity researchers are sounding the alarm over significant risks associated with vulnerabilities in the software supply chain for machine learning (ML). Recently, over 20 vulnerabilities were identified across various MLOps platforms, which could be...
The Bling Libra group, known as the creator of the ShinyHunters ransomware, has altered its operational tactics, shifting from selling stolen data to extortion. This change came to light following an incident in which...
The hacker known as USDoD has revealed his identity, claiming to be 33-year-old Luan G. from the state of Minas Gerais, Brazil. USDoD, also known as EquationCorp, is infamous for the data breach of...
A lawsuit has recently been filed in the United States against one of the nation’s leading research universities, accused of violating cybersecurity standards established by the Department of Defense (DoD). The Georgia Institute of...
Aon has uncovered a new Linux malware named sedexp, which has remained undetected since 2022 due to its unique stealth techniques. This malware enables attackers to remotely control infected devices and execute attacks. What...
Last week, Google released an urgent security update for Chrome to address a vulnerability, identified as CVE-2024-7971, which had already been exploited by hackers. This vulnerability, located in Chrome’s JavaScript V8 engine, is a...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a newly identified vulnerability affecting the Versa Director platform to its catalog of Known Exploited Vulnerabilities (KEV). This decision is based on confirmed reports of...
A new remote access trojan (RAT) named MoonPeak was uncovered in a cyber group’s campaign linked to the North Korean government. Cisco Talos experts have attributed this malicious campaign to the hacker group UAT-5394,...
Cybersecurity researchers have uncovered a new malware called PG_MEM, designed to compromise PostgreSQL databases for cryptocurrency mining. This malicious software employs a brute-force technique to crack database credentials and subsequently execute harmful operations. Assaf...
Researchers at Sophos have uncovered an attack involving the Qilin ransomware, during which cybercriminals stole account credentials stored in the Google Chrome browser on a number of compromised devices. The incident, discovered in July...
Mandiant has identified a new type of malware that operates solely within system memory and employs a sophisticated infection chain. The PEAKLIGHT loader decodes and deploys infostealers based on PowerShell. The infection chain begins...
PatchStack specialists have discovered a critical vulnerability in the LiteSpeed Cache plugin for WordPress, which could allow attackers to gain administrator privileges on a site. This flaw potentially affects over 5 million websites utilizing...
