Three of the security defects are high-severity flaws, two of which were found and reported by Google.
The post Chrome 145 Patches 11 Vulnerabilities appeared first on SecurityWeek.
China Revives Tianfu Cup Hacking Contest Under Increased Secrecy
Rewards for exploits are reportedly much smaller than in the contest’s glory days.
The post China Revives Tianfu Cup Hacking Contest Under Increased Secrecy appeared first on SecurityWeek.
Russia tries to block WhatsApp, Telegram in communication blockade
The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under its control intensifies. […]
Bitwarden introduces ‘Cupid Vault’ for secure password sharing
Bitwarden has launched a new system called ‘Cupid Vault’ that allows users to safely share passwords with trusted email addresses. […]
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published online. […]
Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities
Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. […]
Romania’s oil pipeline operator Conpet confirms data stolen in attack
Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. […]
Odido data breach exposes personal info of 6.2 million customers
Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million customers. […]
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks.
“The
“The
WordPress plugin with 900k installs vulnerable to critical RCE flaw
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authentication. […]