Milvus Proxy Flaw Lets Attackers Forge Headers and Skip Authorization
A critical authentication bypass vulnerability in the Milvus vector database could allow attackers to gain administrative access without credentials. The flaw exists in how the…
Latest Cybersecurity News — Page 964
View all →
Leave the em dash Alone
I’m annoyed by all the hate against the em dash. As Matthew Butterick captures brilliantly, it adds pauses to sentences. Or more specifically and importantly…
Find your weak spots before attackers do
Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots 20 Nov…
Authorities Sanction Russia-Based Bulletproof Hosting Provider for Aiding Ransomware
The United States, Australia, and the United Kingdom have announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider, and related entities for supporting…
Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device
noBGP has launched pi GPT, a groundbreaking integration that transforms Raspberry Pi devices into ChatGPT-controlled development and production environments. The new tool eliminates the complexity…
NSO Group argues WhatsApp injunction threatens existence, future U.S. government work
NSO Group argued in a court filing this week that the court should pause the permanent injunction preventing it from targeting WhatsApp with its spyware…
Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide
Your home router, the device connecting you to the internet, may have been silently compromised as part of a coordinated global espionage campaign. SecurityScorecard’s STRIKE…
Russian money launderers bought a bank to disguise ransomware profit
A billion-dollar money laundering network active in the UK bought a bank in the Central Asian state of Kyrgyzstan to facilitate the washing of profits…
Hundreds of Salesforce customers hit by yet another third-party vendor breach
Salesforce said yet another breach involving a third-party vendor has compromised customers’ data, warning in a security advisory late Wednesday that it detected unusual activity…
TamperedChef Campaign Exploits Everyday Apps to Deploy Malware and Enable Remote Access
The Acronis Threat Research Unit has uncovered a sophisticated global malvertising campaign called TamperedChef that disguises malware as legitimate everyday applications to compromise systems worldwide.…
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles Pierluigi Paganini November 20, 2025 Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts.…
SEC drops civil fraud case against SolarWinds
The Securities and Exchange Commission on Thursday said it was dropping a landmark civil fraud case against SolarWinds and Tim Brown, the company’s chief information…