When the world faced COVID-19, I watched something remarkable happen. Artificial intelligence (AI) systems, which I had once viewed as tools of research and efficiency, […]
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The […]
Multiple ChatGPT Security Bugs Allow Rampant Data Theft
Attackers can use them to inject arbitrary prompts, exfiltrate personal user information, bypass safety mechanisms, and take other malicious actions. ​The original article found on […]
Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw
Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017. […]
ValleyRAT Campaign Targets Windows via WeChat and DingTalk
A sophisticated Windows remote-access trojan known as ValleyRAT has emerged as a high-confidence indicator of targeted intrusions against Chinese-language users and organizations. ValleyRAT’s operational model […]
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According […]
Authorities Dismantle Large-Scale Credit Card Fraud Scheme Affecting 4.3 Million Users
 Authorities across nine countries executed a coordinated crackdown on one of the largest credit card fraud networks ever dismantled. Operation Chargeback, led by German prosecutors […]
EndClient RAT Leverages Compromised Code-Signing to Slip Past Antivirus
A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade antivirus […]
Google Issues Emergency Chrome Update to Fix Critical RCE Flaw
Google has released an emergency security update for Chrome across all platforms, rolling out version 142.0.7444.134 and 142.0.7444.135 to address five critical and medium-severity vulnerabilities. […]
Hyundai AutoEver Confirms Data Breach Exposing Personal Data, Including SSNs and License Info
Hyundai AutoEver America, LLC has formally confirmed a significant data breach that compromised sensitive customer information. The automotive software provider disclosed the incident through official […]