Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. […]
New RomCom malware variant ‘SnipBot’ spotted in data theft attacks
A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems. […]
Kia dealer portal flaw could let attackers hack millions of cars
A group of security researchers discovered critical flaws in Kia’s dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle’s license plate. […]
X Releases Its First Transparency Report Since Elon Musk’s Takeover
Social media platform X published its first transparency report since the company was purchased by Elon Musk.
The post X Releases Its First Transparency Report Since Elon Musk’s Takeover appeared first on SecurityWeek.
Tails OS merges with Tor Project for better privacy, security
The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship. […]
Watch Now: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience
Join the webinar to gain insights and learn actionable steps to enhance your organization’s data security and resilience.
The post Watch Now: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience appeared first on SecurityWeek.
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate.
“These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription,” security
“These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription,” security
Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover
Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10.
The post Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover appeared first on SecurityWeek.
US sanctions crypto exchanges used by Russian ransomware gangs
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned PM2BTC and Cryptex, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups. […]
Automattic blocks WP Engine’s access to WordPress resources
WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. […]