Security
Headlines
HeadlinesLatestCVEs

Tag

#ddos

DOGE to Fired CISA Staff: Email Us Your Personal Data

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration's continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment -- presumably with the password needed to view the file included in the body of the email.

Krebs on Security
Open in Source
#web#ddos#git#intel#wifi#blog
ChatGPT Down as Users Report “Gateway Time-out” Error

ChatGPT Down: Users report "Gateway time-out" errors. OpenAI's popular AI chatbot is experiencing widespread outages. Stay updated on the service disruption.

Cybersecurity in Crypto: Best Practices to Prevent Theft and Fraud

Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…

End-to-End Encrypted Texts Between Android and iPhone Are Coming

Plus: A nominee to lead CISA emerges, Elon Musk visits the NSA, a renowned crypto cracking firm’s secret (and problematic) cofounder is revealed, and more.

GHSA-hw46-3hmr-x9xv: omniauth-saml has dependency on ruby-saml version with Signature Wrapping Attack issue

### Summary There are 2 new Critical Signature Wrapping Vulnerabilities (CVE-2025-25292, CVE-2025-25291) and a potential DDOS Moderated Vulneratiblity (CVE-2025-25293) affecting ruby-saml, a dependency of omniauth-saml. The fix will be applied to ruby-saml and released 12 March 2025, under version 1.18.0. Please [upgrade](https://github.com/omniauth/omniauth-saml/blob/master/omniauth-saml.gemspec#L16) the ruby-saml requirement to v1.18.0. ### Impact Signature Wrapping Vulnerabilities allows an attacker to impersonate a user.

What Really Happened With the DDoS Attacks That Took Down X

Elon Musk said a “massive cyberattack” disrupted X on Monday and pointed to “IP addresses originating in the Ukraine area” as the source of the attack. Security experts say that's not how it works.

Musk Blames X (Twitter) Outage on Cyberattack, Links It to Ukraine

Elon Musk has confirmed a massive cyberattack on his social media platform, X (once Twitter), causing widespread technical…

X users report login troubles as Dark Storm claims cyberattack

In the early morning hours of March 10, thousands of users on X (formerly Twitter) began having trouble logging into the...

Cloud IMS: The Confluence of Innovation and Security in Modern Telecommunications

The telecom industry is at a major turning point. With 5G, IoT, and AI reshaping global connectivity, the…