-
UAT-8837, a China-nexus advanced persistent threat (APT) actor, is conducting sustained campaigns against critical infrastructure sectors across North America. The group, assessed with medium confidence based on tactical overlaps with known Chinese thr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and unauthorised session resumption. These minor point releases…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly reported supply chain attack targeting the Amazon Web Services (AWS) management console has raised alarms across the developer community. Cybersecurity researchers have discovered that threat actors are exploiting misconfigured AWS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder and kernel driver to achieve code execution and privilege escalatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to comprom…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A web browser is a door to the Global Network, allows to surf through different resources, obtain all required information, watch films, earn money, and many more legal and partly legal activities. It depends on the size of the door, what information y…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have published an in‑depth technical analysis of the DragonForce ransomware operation, along with details of working decryptors for both Windows and ESXi systems targeting specific victims. By the time its dedicated Data Leak Site …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly documented campaign dubbed “Contagious Interview” shows North Korean threat actors weaponising developer tooling and code-repository workflows to steal credentials, cryptocurrency wallets and establish remote access even when victims never “run…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Digital investment advisor Betterment has confirmed that unauthorized individuals gained access to its internal systems in a recent security breach. The compromise allowed attackers to send fraudulent cryptocurrency-related messages to some…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has confirmed a critical bug affecting Android devices where volume buttons malfunction when the Select to Speak accessibility feature is enabled. The issue causes volume keys to adjust accessibility volume rather than media volume. It prevents …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
