EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities…
Everest ransomware’s dark web leak site defaced, now offline
The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is…
WinRAR flaw bypasses Windows Mark of the Web security alerts
A vulnerability in the WinRAR file archiver solution could be exploited to bypass the Mark of the Web (MotW) security…
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and…
Ivanti patches Connect Secure zero-day exploited since mid-March
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage…
Verizon Call Filter API flaw exposed customers’ incoming call history
A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through…
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders
Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. [...]
How AI is Transforming the Fight Against Data Breaches
The average cost of a data breach surged to $4.88 million from $4.45 million in 2023, a 10% surge and…
Retail giant Sam’s Club investigates Clop ransomware breach claims
Sam's Club, an American warehouse supermarket chain owned by U.S. retail giant Walmart, is investigating claims of a Clop ransomware…
New Ubuntu Linux security bypasses require manual mitigations
Three security bypasses have been discovered in Ubuntu Linux's unprivileged user namespace restrictions, which could be enable a local attacker…