#acer

As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his methods.

It's critical for security teams to stay vigilant not only when it comes to major security issues, but also with minor lags in security best practice.

By Waqas New AI-Dodging Phishing Attack AI Security and Exploits Machine Learning. This is a post from HackRead.com Read the original post: Cybercriminals Beta Test New Attack to Bypass AI Security

By Deeba Ahmed While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach. This is a post from HackRead.com Read the original post: Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached

### Summary An attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. ### Details The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. The core issue is located in [expireOldFailedAttempts](https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311) function: ```go func expireOldFailedAttempts(maxAge time.Duration, failures *map[string]LoginAttempts) int { expiredCount := 0 for key, attempt := range *failures { if time.Since(attempt.LastFailed) > maxAge*time.Sec...

MSMS-PHP version 1.0 suffers from a remote shell upload vulnerability.

A global network of violent predators is hiding in plain sight, targeting children on major platforms, grooming them, and extorting them to commit horrific acts of abuse.

Membership Management System version 1.0 suffers from a remote SQL injection vulnerability.

Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.

By Deeba Ahmed According to cybersecurity firm Pen Test Partners, Livall’s smart helmets had an inherent flaw that could lead to… This is a post from HackRead.com Read the original post: Smart Helmets Flaw Exposed Millions to Risk of Hacking and Surveillance