Researchers have demonstrated that GPU Rowhammer attacks can be used to escalate privileges.
The post GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
The group is using zero-days, quickly weaponizes fresh bugs, and exfiltrates and encrypts data within days of initial access.
The post Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems appeared first on SecurityWeek.
German Police Unmask REvil Ransomware Leader
Shchukin is accused of extorting more than $2 million as the head of the GandCrab and REvil ransomware operations.
The post German Police Unmask REvil Ransomware Leader appeared first on SecurityWeek.
White House Seeks to Slash CISA Funding by $707 Million
The Trump administration says the FY2027 budget refocuses CISA on its core mission: protecting federal agencies and critical infrastructure.
The post White House Seeks to Slash CISA Funding by $707 Million appeared first on SecurityWeek.
Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack
The high-end casino and hotel operator has likely paid a ransom to avoid a data leak.
The post Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack appeared first on SecurityWeek.
Google DeepMind Researchers Map Web Attacks Against AI Agents
Malicious web content can be used to manipulate, deceive, and exploit autonomous AI agents navigating the internet, Google DeepMind researchers show. The researchers have identified six types of attacks against AI agents that can be mounted via web content to inject malicious context and trigger unexpected behavior. Web content, they explain in a research paper, […]
The post Google DeepMind Researchers Map Web Attacks Against AI Agents appeared first on SecurityWeek.
Guardarian Users Targeted With Malicious Strapi NPM Packages
Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials.
The post Guardarian Users Targeted With Malicious Strapi NPM Packages appeared first on SecurityWeek.
North Korean Hackers Target High-Profile Node.js Maintainers
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign.
The post North Korean Hackers Target High-Profile Node.js Maintainers appeared first on SecurityWeek.
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely.
The post Fortinet Rushes Emergency Fixes for Exploited Zero-Day appeared first on SecurityWeek.
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack
Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information.
The post European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack appeared first on SecurityWeek.