Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day…
Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for…
Google fixes first actively exploited Chrome zero-day of 2024
Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year.…
Windows SmartScreen flaw exploited to drop Phemedrone malware
A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL…
GrapheneOS: Frequent Android auto-reboots block firmware exploits
GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should…
CISA: Critical Microsoft SharePoint bug now actively exploited
CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another…
Zombie APIs: The Scariest Threat Lurking in The Shadows?
By Dan Hopkins, VP of Engineering at StackHawk IT modernization and digital transformation initiatives, combined with faster software deployment lifecycles,…
Mandiant, SEC Lose Control of X Accounts Without 2FA
Crypto hacks on Mandiant and SEC X accounts are the predictable result of the social media platform's upcharge for basic…
Cisco says critical Unity Connection bug lets attackers get root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched…
The Week in Ransomware – January 5th 2024 – Secret decryptors
With it being the first week of the New Year and some still away on vacation, it has been slow…