Google has patched CVE-2024-10487, a critical Chrome vulnerability, and Mozilla has patched high-severity flaws in Firefox.
The post Google Patches Critical Chrome Vulnerability Reported by Apple appeared first on SecurityWeek.
Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland
Synology, QNAP and TrueNAS have started patching and mitigating the vulnerabilities exploited recently at Pwn2Own Ireland 2024.
The post Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland appeared first on SecurityWeek.
Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens
Prosecutors say the data of at least 800,000 Italians was compromised in breaches dating from 2022 by a private investigative agency.
The post Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens appeared first on SecurityWeek.
New Windows Themes zero-day gets free, unofficial patches
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target’s NTLM credentials remotely. […]
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. […]
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. […]
Proofpoint to Acquire Data Security Posture Management Firm Normalyze
Enterprise cybersecurity giant Proofpoint is acquiring data security posture management (DSPM) company Normalyze.
The post Proofpoint to Acquire Data Security Posture Management Firm Normalyze appeared first on SecurityWeek.
RedLine and Meta Infostealers Disrupted by Law Enforcement
Authorities announce server shutdowns, domain seizures, and arrests in RedLine and Meta infostealers takedown operation.
The post RedLine and Meta Infostealers Disrupted by Law Enforcement appeared first on SecurityWeek.
Russian charged by U.S. for creating RedLine infostealer malware
The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of the RedLine malware operation, one of the most prolific infostealers over the past few years. […]
Researchers Uncover Vulnerabilities in Open-Source AI and ML Models
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft.
The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI’s Huntr bug bounty platform.
The most severe of the
The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI’s Huntr bug bounty platform.
The most severe of the