Security
Headlines

Tag

#mac

New Phishing Campaign Targets macOS Users with Fake Security Alerts

LayerX Labs reports a sophisticated macOS phishing campaign, evading security measures. Learn how attackers adapt and steal credentials from Mac users.

HackRead
#web #mac #windows #microsoft #git #chrome #firefox
What Google Chrome knows about you, with Carey Parker (Lock and Code S06E06)

This week on the Lock and Code podcast, we speak with Carey Parker about what Google Chrome knows about you.

How Counterfeiters Use Technology to Fake Product Labels (and Strategies to Combat Fraud)

Counterfeit products are a growing problem in today’s market. With advancements in technology, counterfeiters have become more skilled…

Why AI Systems Need Red Teaming Now More Than Ever

AI systems are becoming a huge part of our lives, but they are not perfect. Red teaming helps…

Oracle Denies Breach Amid Hacker’s Claim of Access to 6 Million Records

Oracle denies breach claims as hacker alleges access to 6 million cloud records. CloudSEK reports a potential zero-day exploit affecting 140,000 tenants.

Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft

Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…

Where Is Computer Vision Essential Today? Insights from Alltegrio’s CEO

Today, we are discussing Computer Vision applications, one of the most impactful AI-powered technologies that is reshaping our…

Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame

In this week’s Threat Source newsletter, William pitches a fun comparison between baseball legend Ichiro Suzuki and the unsung heroes of information security, highlights newly released UAT-5918 research, and shares an exciting new Talos video.

GHSA-4qcx-jx49-6qrh: Aim path traversal in LockManager.release_locks

A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative path traversal. The `run_hash` parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. This vulnerability is exposed through the `Repo._close_run()` method, which is accessible via the tracking server instruction API. As a result, an attacker can exploit this to delete arbitrary files on the machine running the tracking server.

Low-Cost Drone Add-Ons From China Let Anyone With a Credit Card Turn Toys Into Weapons of War

Chinese ecommerce giants like Temu and AliExpress sell drone accessories like those used by soldiers in the Russia-Ukraine conflict.