-
Preventing credential theft in the age of AI
In this Help Net Security video, Tina Srivastava, MIT Lecturer and CEO of Badge, discusses a 20-year cryptography problem – using …
-
Full recovery from breaches takes longer than expected
In 2024, businesses reported taking an average of 7.3 months to recover from cybersecurity breaches – 25% longer than expected and over a …
-
macOS WorkflowKit Race Vulnerability Allows Malicious Apps to Intercept Shortcuts
A race condition vulnerability in Apple’s WorkflowKit has been identified, allowing malicious applications to intercept and manipulate …
-
Russian women stepping up for cybercrime outfits
Women are increasingly stepping up to fill roles in Russian-speaking cybercrime outfits, according to research from the Sans Institute, …
-
Ubuntu affected by 10-year-old flaws in needrestart package
Ubuntu users are urged to install updates to patch flaws in the needrestart utility package that could enable local users to escalate their …
-
Wireshark 4.4.2 Released: What’s New!
The Wireshark Foundation has officially announced the release of Wireshark 4.4.2, the latest version of the world’s most popular network …
-
Five Scattered Spider suspects indicted for phishing spree and crypto heists
The US Department of Justice has issued an indictment that names five people accused of stealing millions in cryptocurrency – and we are …
-
Prompt Security secures $18M to enhance enterprise protection against generative AI risks
Generative artificial intelligence security startup Prompt Security Inc. announced today that it had raised $18 million in new funding to …
-
Smashing Security podcast #394: Digital arrest scams and stream-jacking
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under “digital arrest”, how hackers are …
-
Palo Alto Networks delivers strong earnings results despite revenue shortfall
Shares of Palo Alto Networks Inc. sagged more than 5% in late trading today after the network management and security firm fell slightly …
-
Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator
A senior US senator has warned that American tech companies’ activities in China represent a national security risk, in a hearing that …
-
Palo Alto Networks delivers strong first quarter results despite revenue shortfall
Shares in Palo Alto Networks Inc. were down over 5% in late trading today after the network management and security firm fell slightly …
●●●
NVD
- CVE-2024-44308 – The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS …
- CVE-2018-9467 – In the getHost() function of UriTest.java, there is the possibility of incorrect web …
- CVE-2024-52765 – H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the …
- CVE-2024-44307 – A buffer overflow issue was addressed with improved memory handling. This issue is fixed …
- CVE-2024-44306 – A buffer overflow issue was addressed with improved memory handling. This issue is fixed …
EXPLOITS
- SOPlanning 1.52.01 (Simple Online Planning Tool) – Remote Code Execution (RCE) (Authenticated)
- openSIS 9.1 – SQLi (Authenticated)
- reNgine 2.2.0 – Command Injection (Authenticated)
- dizqueTV 1.5.3 – Remote Code Execution (RCE)
- Invesalius3 – Remote Code Execution
SECURELIST