General Security News
-
Top 7 REST API Security Strategies to Secure Your Endpoints
Most APIs today are REST-based and widely used by web applications. These APIs are like versatile tools for...
-
Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard...
-
QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since...
-
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign...
-
Hackers are Abusing Dropbox to Steal Microsoft SharePoint Credentials
A growing cyber threat involving Dropbox has emerged, and it’s raising concerns across the cybersecurity landscape. In the initial two weeks of...
-
Looney Tunables: Linux Vulnerability Lets Attackers Gain Root Privileges
A buffer overflow issue has been disclosed in the GNU C Library’s dynamic loader ld.so, which might allow local attackers to acquire root...
-
ShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks
ShellTorch Serve is an open-source model-serving library developed by PyTorch that simplifies the deployment of machine learning models for...
-
Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw
Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in...
-
Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now
Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and...
-
Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool...
-
Hackers Steal User’s Database From European Telecommunications Standards Institute
The European Telecommunications Standards Institute (ETSI) has uncovered a data breach in which threat actors obtained a database holding a list...
-
Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code
A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to...