Cisco has discovered a critical zero-day vulnerability, CVE-2023-20198, that is being actively exploited, granting attackers full…
Category: Security
Encrypted Client Hello (ECH) Effectively Defeats Pirate Site Blocking
Cloudflare has implemented Encrypted Client Hello (ECH), a privacy technology that could render ISP site blocking…
Hundreds of malicious Python packages found stealing sensitive data
A malicious campaign has been planting info-stealing packages on open-source platforms, with around 75,000 downloads so…
Malicious HDMI Cables Steals Photos, Videos, and Location Data
John Bumstead of 404Media discovered an iPhone-to-HDMI adapter that prompts users to download an invasive app…
ChatGPT restrictions: How to bypass them for an uncensored chatbot
AI chatbots like ChatGPT have limitations to prevent copyright infringement, dangerous advice, and misinformation. However, techniques…
Critical vulnerabilities in Exim threaten over 250k email servers worldwide
Thousands of servers running the Exim mail transfer agent are at risk due to critical vulnerabilities…
GPUs from all major suppliers are vulnerable to new pixel-stealing attack
Researchers have discovered a new attack, GPU.zip, that allows malicious websites to bypass internet security measures…
Oops! Google Search caught publicly indexing users’ conversations with Bard AI
Google’s conversational AI product, Google Bard, has been found to index shared conversational links into its…
‘All Of Sony Systems’ Allegedly Hacked By New Ransomware Group
A new dark web group, Ransomed.vc, claims to have breached all of Sony’s systems in a…
LLM Guard: Open-source toolkit for securing Large Language Models
LLM Guard, a toolkit designed to enhance the security of Large Language Models (LLMs), is now…
Microsoft AI researchers accidentally exposed terabytes of internal sensitive data | TechCrunch
Microsoft AI researchers inadvertently exposed tens of terabytes of sensitive data, including private keys and passwords,…
Chinese hackers have unleashed a never-before-seen Linux backdoor
Researchers have uncovered a new Linux backdoor, dubbed SprySOCKS, linked to the Chinese government-associated threat group,…
Think Your MFA and PAM Solutions Protect You? Think Again
A report by Osterman Research reveals that Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) solutions…
Password-stealing Linux malware served for 3 years and no one noticed
For over three years, a download site secretly served Linux users malware that stole sensitive information,…
PS5: SpecterDev releases sprx/self decrypter payload for all hackable firmwares – Wololo.net
SpecterDev has released a payload for all hackable PS5 Firmwares, enabling the decryption of system binaries,…
Exploit released for critical VMware SSH auth bypass vulnerability
A critical SSH authentication bypass vulnerability in VMware’s Aria Operations for Networks tool has been exposed.…
Hacking campaign bruteforces Cisco VPNs to breach networks
Hackers are exploiting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks.…
Hackers shut down 2 of the world’s most advanced telescopes
Leading astronomical observatories have suffered cyberattacks, causing temporary shutdowns. The National Science Foundation’s National Optical-Infrared Astronomy…
Multiple Notepad++ Flaws Let Attackers Execute Arbitrary Code
Several Buffer Overflow vulnerabilities have been found in Notepad++, an open-source C++-based source code editor. These…
Microsoft signing keys keep getting hijacked, to the delight of Chinese threat actors
Microsoft’s digital keys were hijacked by an unknown threat actor, identified as Carderbee by Symantec researchers,…