New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion... Read more »

GitHub fixed a new critical flaw in the GitHub Enterprise Server 

GitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three security vulnerabilities impacting the GitHub Enterprise Server (GHES), including a critical... Read more »

LibreOffice 24.8: More privacy, interoperability improvements

LibreOffice 24.8, the new major release of the free Windows, macOS, and Linux office suite, is now available. This is the first to provide an official package for Windows... Read more »

A survival guide for data privacy in the age of federal inaction

Things change fast in the world of data privacy. Just earlier this year, the question I was being asked most frequently was, “How similar will the proposed federal privacy... Read more »

Most ransomware attacks occur between 1 a.m. and 5 a.m.

There’s been an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations... Read more »

Why C-suite leaders are prime cyber targets

Senior executives are prime targets for cybercriminals, with 72% of surveyed cybersecurity professionals in the US reporting that cyberattacks have targeted this group in the past 18 months. This... Read more »

GenAI models are easily compromised

95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to... Read more »

Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio

Researchers have disclosed a critical security vulnerability in Microsoft’s Copilot Studio that could lead to the exposure of sensitive information. Researchers disclosed a critical security vulnerability, tracked as CVE-2024-38206... Read more »

North Korea-linked APT used a new RAT called MoonPeak

North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure... Read more »

Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details

In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related... Read more »
Subscribe to our Newsletter