National Vulnerability Backlog Could Surge to 30,000 by 2025

The National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), currently has a backlog of over 16,000 vulnerabilities, with an average daily influx of more than 100 new security flaws.

Cyware News – Latest Cyber News

Senators to FTC: Car Companies’ Data Privacy Practices Must be Investigated

U.S. senators have raised concerns about how car companies handle consumer data, revealing that major automakers share and sell drivers’ information without proper consent.

Cyware News – Latest Cyber News

WhatsApp for Windows Lets Python, PHP Scripts Execute with no Warning

WhatsApp currently blocks certain file types considered risky, but Python and PHP scripts are not included in the blocklist. Security researcher Saumyajeet Das identified this vulnerability while testing file attachments in WhatsApp conversations.

Cyware News – Latest Cyber News

Gh0stGambit Dropper Used to Deploy Gh0st RAT Against Chinese Users

The Gh0st RAT Trojan is being distributed to Chinese Windows users through a fake Chrome website. The malware has been around since 2008 and has evolved over the years, often used by cyberespionage groups in China.

Cyware News – Latest Cyber News

How Infostealers Pillaged the World’s Passwords

Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target.

Security Latest

Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw

Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world.

SecurityWeek

Acronis Product Vulnerability Exploited in the Wild

Acronis warns of a critical-severity Acronis Cyber Infrastructure (ACI) vulnerability being exploited in attacks.

SecurityWeek

Data From Deleted GitHub Repositories May Not Actually be Deleted

Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn’t necessarily deleted.

Cyware News – Latest Cyber News

Acronis Warns of Cyber Infrastructure Default Password Abused in Attacks

The vulnerability (CVE-2023-45249) was patched nine months ago but is still being exploited in attacks. Admins are advised to update their systems immediately to prevent unauthorized remote code execution.

Cyware News – Latest Cyber News