“I can’t sugarcoat it — this shit is bad,” said Huntress’ CEO Security experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as…
It only took three years, but Microsoft is finally fixing one of its annoyances in Windows 11’s File Explorer. The “show more options” double menu? No, unfortunately not. But Microsoft is at least adding explanatory…
Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws — tracked as CVE-2024-21888 and…
The maker of a popular smart ski and bike helmet has fixed a security flaw that allowed the easy real-time location tracking of anyone wearing its helmets. Livall makes internet-connected helmets that allow groups of…
Last week Apple released iOS 17.3, iPadOS 17.3, macOS 14.3, tvOS 17.3, and Safari 17.3 to fix a serious zero-day WebKit vulnerability that may have been exploited in the wild. Ahead of the Apple Vision…
On Monday, Apple released the latest round of updates to iOS, iPadOS, macOS, watchOS, and tvOS, which include a few new features, a smattering of bug fixes, and some pretty important security patches. Among them…
?Jan 20, 2024?NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical…
?Jan 18, 2024?NewsroomSupply Chain Attacks / AI Security Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could…
?Jan 17, 2024?NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber…
?Jan 16, 2024?NewsroomCryptocurrency / Windows Security Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from…