A new ransomware strain called Nnice has emerged as a significant threat to Windows systems, employing sophisticated encryption techniques and evasion methods. First observed on…
A critical vulnerability, identified as CVE-2024-46982, has been discovered in the popular Next.js framework, widely used for building full-stack web applications. This flaw exposes websites…
In a remarkable display of creativity, a researcher showcased how an artificial intelligence (AI) system’s tightly guarded “system prompt” could be indirectly accessed not through…
Researchers uncovered a critical security vulnerability in Rails applications that leverages the Bootsnap caching library. This exploit allows attackers to achieve remote code execution (RCE) by…
The ClamAV team has announced the release of security patch updates for ClamAV versions 1.4.2 and 1.0.8. These updates address a critical vulnerability and include…
A newly discovered attack technique, dubbed the “cookie sandwich,” enables attackers to bypass the HttpOnly flag on certain servers, exposing sensitive cookies, including session identifiers,…
A sophisticated supply chain attack targeting Chrome browser extensions has compromised at least 35 Chrome extensions, potentially exposing over 2.6 million users to data theft…
A new ransomware threat dubbed “Helldown” has emerged, actively exploiting vulnerabilities in Zyxel firewall devices to breach corporate networks. Cybersecurity researchers have uncovered evidence linking…
Cybersecurity researchers have uncovered a new threat targeting developers using Visual Studio Code (VS Code). A malicious extension masquerading as a Zoom app has been…
Amazon Web Services (AWS) has announced a set of best practices aimed at helping customers protect their cloud environments against ransomware attacks and other unauthorized…
A former CIA analyst, Asif William Rahman, 34, pleaded guilty today to unlawfully retaining and transmitting Top Secret National Defense Information, which was later leaked…
A sophisticated supply-chain attack targeting a South Korean VPN provider. The attack has been attributed to a previously undisclosed China-aligned Advanced Persistent Threat (APT) group,…
