Neuberger Resigns From National Security Council
Anne Neuberger, the Deputy National Security Advisor, Cyber & Emerging Tech at National Security Council, The White House, resigned from her position on January 17,…
Month: January 2025
Windows Common Log File System Zero-day Vulnerability (CVE-2024-49138) Exploited
A zero-day vulnerability in the Windows Common Log File System (CLFS) driver, designated as CVE-2024-49138. This critical flaw, identified by CrowdStrike’s Advanced Research Team, allows…
How a TikTok Ban Could Address Cybersecurity Concerns for the US Government
In recent years, the debate surrounding the potential ban of TikTok in the United States has intensified, driven primarily by growing concerns over national security…
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
Jan 20, 2025Ravie LakshmananSupply Chain Attack / Solana Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI)…
Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops
Researchers demonstrated how attackers can bypass its protections without physically tampering with the device. The exploit, known as “bitpixie” (CVE-2023-21563), was showcased at the Chaos…
PoC Exploit Released for QNAP RCE Vulnerability
A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-53691, has recently come to light, affecting users of QNAP’s QTS and QuTS Hero operating systems.…
Otelier data breach triggers serious data security concerns
Otelier, a widely used data management software in the hospitality industry, has recently made headlines after becoming the target of a data breach, raising significant…
Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
The twin cryptocurrency and digital identity revolutions are supposed to be building a better future, where anybody can take charge of their sovereignty and security…
Linux Kernal 6.13 Released – What’s New!
Linus Torvalds announced the final release of Linux Kernel 6.13, marking the end of its development cycle. As expected, the past week saw the completion…
Multiple HPE Aruba Network Vulnerabilities Allows Remote Arbitrary Code Execution
Hewlett Packard Enterprise (HPE) has confirmed multiple vulnerabilities in its Aruba Networking products that could allow remote arbitrary code execution. These vulnerabilities, CVE-2025-23051 and CVE-2025-23052,…
AI-driven insights transform security preparedness and recovery
In this Help Net Security interview, Arunava Bag, CTO at Digitate, discusses how organizations can recover digital operations after an incident, prioritize cybersecurity strategies, and…
One in ten GenAI prompts puts sensitive data at risk
Despite their potential, many organizations hesitate to fully adopt GenAI tools due to concerns about sensitive data being inadvertently shared and possibly used to train…