Tag
The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.
China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the
The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide.
### Impact The [ContextLines integration](https://docs.sentry.io/platforms/javascript/guides/node/configuration/integrations/contextlines/) uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events. The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS). The ContextLines integration is enabled by default in the Node SDK (`@sentry/node`) and SDKs that run in Node.js environments (`@sentry/astro`, `@sentry/aws-serverless`, `@sentry/bun`, `@sentry/google-cloud-serverless`, `@sentry/nestjs`, `@sentry/nextjs`, `@sentry/nuxt`, `@sentry/remix`, `@sentry/solidstart`, `@sentry/sveltekit`). ### Patches Users should upgrade to version `8.49.0` or higher. ### Workarounds To remediate this issue in affected versions without upgrading to version `8.49.0` and above you can disable the Co...
McAfee Labs uncovers malicious GitHub repositories distributing Lumma Stealer malware disguised as game hacks and cracked software. Learn…
Malware writing is only one of several malicious activities for which the new, uncensored generative AI chatbot can be used.
Amid ongoing fears over TikTok, Chinese generative AI platform DeepSeek says it’s sending heaps of US user data straight to its home country, potentially setting the stage for greater scrutiny.
A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads. Learn…
Plus: A hacker finds an issue with Cloudflare’s systems that could reveal app users’ rough locations, and the Trump administration puts a wrench in a key cybersecurity investigation.