Windows 10 KB5055612 preview update fixes a GPU bug in WSL2
Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in…
Month: April 2025
Malicious npm Packages Attacking Linux Developers to Install SSH Backdoors
A concerning new supply chain attack has emerged targeting Linux developers who work with Telegram’s bot ecosystem. Discovered in early 2025, several malicious npm packages…
Embracing the Illusion of Free Will
Image from maniacsworld I am often asked how I square the circle of recognizing that free will doesn’t exist but still embracing the joys of…
Hackers abuse Zoom remote control feature for crypto-theft attacks
A hacking group dubbed ‘Elusive Comet’ targets cryptocurrency users in social engineering attacks that exploit Zoom’s remote control feature to trick users into granting them…
Advanced Cyber Security Tools Every eCommerce Site Needs
In an era where online shopping has become second nature and eCommerce revenues are breaking new records every year, the trust between customer and vendor…
Ofcom Bans Global Titles Leasing To Thwart Mobile Abuse
The UK communications regulator Ofcom has banned leasing of “Global Titles,” a special phone number type used in mobile network signaling, in a landmark decision…
FBI Warns of Scammers Mimic as IC3 Employees to Defraud Individuals
The Federal Bureau of Investigation (FBI) has issued an urgent warning about a sophisticated phishing campaign where cybercriminals impersonate Internet Crime Complaint Center (IC3) employees…
SSL.com Vulnerability Allowed Fraudulent SSL Certificates for Major Domains
An SSL.com vulnerability allowed attackers to issue valid SSL certificates for major domains by exploiting a bug in its email-based domain verification method. Internet security…
Free Will Revisited | Daniel Miessler
At a recent team meetup in Atlanta I had the chance to talk to someone who actually enjoyed hearing about my perspective on free will,…
SK Telecom warns customer USIM data exposed in malware attack
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers. SK Telecom…
New Magecart Attack With Malicious JavaScript Steals Credit Card Data
A sophisticated Magecart attack campaign has been discovered targeting e-commerce platforms, employing heavily obfuscated JavaScript code to harvest sensitive payment information. This latest variant of…
Samsung One UI Vulnerability Leaks Sensitive Data in Plain Text With no expiration!
A glaring vulnerability has come to light within Samsung’s One UI interface: the clipboard history function stores all copied text, including sensitive data like passwords…