Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

/in

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
“When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

The Hacker News – ​Read More

Fake Videos of Former First Lady Scam Namibians

/in

Amateurish financial scams are common across Africa, and Namibia’s influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.

darkreading – ​Read More

Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more

/in

The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

DeepSeek helps speed up threat detection while raising national security concerns

/in

DeepSeek: China's Open-Source AI’S Speeds Threat Detection—And Raises National Security Questions

DeepSeek and its R1 model aren’t wasting any time rewriting the rules of cybersecurity AI in real-time. Enterprises can’t ignore this risk.Read More

Security News | VentureBeat – ​Read More

Dario Amodei challenges DeepSeek’s $6 million AI narrative: What Anthropic thinks about China’s latest AI move

/in

Credit: VentureBeat made with Midjourney

Anthropic co-founder Dario Amodei reveals DeepSeek’s Chinese AI breakthrough actually cost billions, not $6 million, challenging market narratives and explaining why AI development remains resource-intensive despite engineering improvements.Read More

Security News | VentureBeat – ​Read More

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

/in

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Exposed DeepSeek Database Revealed Chat Prompts and Internal Data

/in

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

Security Latest – ​Read More

Researchers Uncover Lazarus Group Admin Layer for C2 Servers

/in

The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command and control servers from Pyongyang.

darkreading – ​Read More

Hackers are hijacking WordPress sites to push Windows and Mac malware

/in

A cybersecurity company says hackers are pushing Mac and Windows malware through sites that are using outdated versions of WordPress.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

/in

The Chinese firm said training the model cost just $5.6 million. Alibaba Cloud followed with a new generative AI model, while Microsoft alleges DeepSeek ‘distilled’ OpenAI’s work.

Security | TechRepublic – ​Read More