Barracuda fixes new ESG zero-day exploited by Chinese hackers
Network and email security firm Barracuda says it remotely patched all active Email Security Gateway (ESG) appliances on December 21…
Google Releases Eighth Zero-Day Patch of 2023 for Chrome
CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser's…
OpenAI rolls out imperfect fix for ChatGPT data leak flaw
OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. [...]
Google fixes 8th Chrome zero-day exploited in attacks this year
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, the eighth patched since the…
Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH…
What is the future of Web3?
Where Web 2.0 moved us from 1990s-style static websites to user-generated online experiences like social media, Web3 is a vision…
Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug
CVE-2023-50164 is harder to exploit than the 2017 Struts bug behind the massive breach at Equifax, but don't underestimate the…
Establishing Reward Criteria for Reporting Bugs in AI Products
Bug hunter programs can help organizations foster third-party discovery and reporting of issues and vulnerabilities specific to AI systems.
3CX warns customers to disable SQL database integrations
VoIP communications company 3CX warned customers today to disable SQL database integrations due to potential risks associated with what it…
Ubiquiti users report having access to others’ UniFi routers, cameras
Since yesterday, customers of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and…