Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack
Supermicro has patched two BMC vulnerabilities that can be exploited to perform malicious firmware updates on impacted devices. According to firmware security company Binarly, one…
Category: SecurityWeek
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack
Supermicro has patched two BMC vulnerabilities that can be exploited to perform malicious firmware updates on impacted devices. According to firmware security company Binarly, one…
SolarWinds Makes Third Attempt at Patching Exploited Vulnerability
SolarWinds on Tuesday announced a hotfix for a remote code execution (RCE) vulnerability in Web Help Desk, and this is the third time it attempts…
ShadowV2 DDoS Service Lets Customers Self-Manage Attacks
A newly discovered distributed denial-of-service (DDoS) botnet targets misconfigured Docker containers for infection and offers a new service model where customers launch their own attacks,…
Unit 221B Raises $5 Million for Threat Intel Aiding Hacker Arrests
Threat intelligence firm Unit 221B has announced raising $5 million in a seed funding round led by J2 Ventures, with additional support from Pipeline Capital…
All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher
The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense…
Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited
MCP has become an integral part of the expansion of agentic AI but comes with its own vulnerabilities. Model Context Protocol (MCP), developed by Anthropic…
Scattered Spider Suspect Arrested in US
A juvenile suspected of being involved in cyberattacks against multiple Las Vegas casinos was arrested last week, the Las Vegas Metropolitan Police Department announced. The…
Automotive Titan Stellantis Discloses Data Breach
Car manufacturing giant Stellantis has disclosed a data breach involving a third-party service provider’s platform. The incident, the company said over the weekend, impacted a…
European Airport Disruptions Caused by Ransomware Attack
The cybersecurity incident impacting Collins Aerospace, which led to disruptions at several major airports across Europe, was the result of a ransomware attack, according to…
Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform
Toronto, Canada-based company Mycroft emerged from stealth on Monday with a solution designed to help organizations manage and operate their security and IT stack with…
Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud
Academic researchers from Vrije Universiteit Amsterdam have demonstrated that transient execution CPU vulnerabilities are practical to exploit in real-world scenarios to leak memory from VMs…