New Inception attack leaks sensitive data from all AMD Zen CPUs
Researchers have discovered a new and powerful transient execution attack called ‘Inception’ that can leak privileged secrets and data using unprivileged processes on all AMD…
Category: Bleeping Computer
Malicious extensions can abuse VS Code flaw to steal auth tokens
Microsoft’s Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows,…
New Downfall attacks on Intel CPUs steal encryption keys, data
A senior research scientist at Google has devised new CPU attacks to exploit a vulnerability dubbed Downfall that affects multiple Intel microprocessor families and allows…
Microsoft Office update breaks actively exploited RCE attack chain
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors…
Windows 10 KB5029244 and KB5029247 updates released
Microsoft has released Windows 10 KB5029244 and KB5028168 cumulative updates for versions 22H2, 21H2, and 1809 to fix problems and add new features to the…
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
Tag CVE ID CVE Title Severity .NET Core CVE-2023-38178 .NET Core and Visual Studio Denial of Service Vulnerability Important .NET Core CVE-2023-35390 .NET and Visual…
Windows 11 KB5029263 cumulative update released with 27 fixes
Microsoft has released the Windows 11 22H2 KB5029263 cumulative update to fix security vulnerabilities and introduce 27 changes, improvements, and bug fixes. KB5029263 is a…
Interpol takes down 16shop phishing-as-a-service platform
A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform. Phishing-as-a-service platforms offer…
Android 14 to let you block connections to unencrypted cellular networks
Image: Midjourney Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and…
Android 14 to block connections to unencrypted cellular networks
Image: Midjourney Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and…
UK Electoral Commission data breach exposes 8 years of voter data
The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014…
Hackers increasingly abuse Cloudflare Tunnels for stealthy connections
Hackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence. The technique…