Tag
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the basis of a provisional arrest warrant, following a request by the
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories and its sub-directories,
The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it's now using a new and improved "ElizaRAT" malware.
If you searched for your bank's login page via Bing recently, you may have visited a fraudulent website enabling criminals to get your credentials and even your two-factor security code.
IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities.
SQLite3 suffers from a stack buffer underflow condition in seriesBestIndex in the generate_series extension.
A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they're publicly released.
Hackers claim to have breached Nokia through a third-party contractor, allegedly stealing SSH keys, source code, and internal…
Scammers are exploiting DocuSign’s APIs to send realistic fake invoices, primarily targeting security software like Norton. This phishing…
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc