Signal, the end-to-end encrypted messaging app, spends around $33 million annually to maintain its privacy systems…
Category: Security
Cloudflare, Google and AWS Disclose HTTP/2 Zero-Day Vulnerability
Cloudflare, Google, and AWS have disclosed a new zero-day vulnerability attack, “HTTP/2 Rapid Reset,” which exploits…
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
Kinsing threat actors are exploiting a newly disclosed Linux flaw, Looney Tunables, to breach cloud environments.…
Asahi Linux finds macOS bug that leaves machines unbootable
Asahi Linux has discovered a combination of bugs in Apple’s macOS that could render hardware difficult…
New CVSS 4.0 vulnerability severity rating standard released
The Forum of Incident Response and Security Teams (FIRST) has launched CVSS v4.0, the latest version…
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
A lawful interception attempt has been discovered on the XMPP-based messaging service, jabber[.]ru. The six-month-long attack…
Hackers can force iOS and macOS browsers to divulge passwords and much more
Researchers have discovered an attack, named iLeakage, that exploits a side channel vulnerability in Apple’s A-…
Now Android and Windows devices aren’t safe from Flipper Zero either
The Flipper Zero, a multi-tool device for hackers, can now target Android and Windows devices with…
Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
A threat actor has modified a backdoor implanted on Cisco devices, making it invisible to previous…
Breyer on chat control investigative research: EU Commissioner as double agent of foreign interference
A campaign supporting the EU’s proposed child sexual abuse regulation, which includes controversial “chat control” measures,…
OpenAI’s flagship AI model has gotten more trustworthy but easier to trick
OpenAI’s GPT-4 language model is more trustworthy but also more susceptible to jailbreaking and bias than…
Actively exploited Cisco 0-day with maximum 10 severity gives full network control
Cisco has discovered a critical zero-day vulnerability, CVE-2023-20198, that is being actively exploited, granting attackers full…
Encrypted Client Hello (ECH) Effectively Defeats Pirate Site Blocking
Cloudflare has implemented Encrypted Client Hello (ECH), a privacy technology that could render ISP site blocking…
Hundreds of malicious Python packages found stealing sensitive data
A malicious campaign has been planting info-stealing packages on open-source platforms, with around 75,000 downloads so…
Malicious HDMI Cables Steals Photos, Videos, and Location Data
John Bumstead of 404Media discovered an iPhone-to-HDMI adapter that prompts users to download an invasive app…
ChatGPT restrictions: How to bypass them for an uncensored chatbot
AI chatbots like ChatGPT have limitations to prevent copyright infringement, dangerous advice, and misinformation. However, techniques…
Critical vulnerabilities in Exim threaten over 250k email servers worldwide
Thousands of servers running the Exim mail transfer agent are at risk due to critical vulnerabilities…
GPUs from all major suppliers are vulnerable to new pixel-stealing attack
Researchers have discovered a new attack, GPU.zip, that allows malicious websites to bypass internet security measures…
Oops! Google Search caught publicly indexing users’ conversations with Bard AI
Google’s conversational AI product, Google Bard, has been found to index shared conversational links into its…