Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576) ~comp security.cyber programming languages Article 450 words 18 votes
Hackers can infect network-connected wrenches to install ransomware, researchers say ~tech security.cyber Article 493 words 28 votes
All cops are broadcasting. TETRA unlocked after decades in the shadows. ~tech security Article 340 words 26 votes
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters ~tech apple google security Article 630 words 13 votes
All Apple users are recommended to immediately update their devices to patch a zero-click, zero-day exploit captured in the wild ~tech apple security Article 253 words 102 votes
WinRAR zero-day exploited since April to hack trading accounts ~tech security.cyber Article 622 words 31 votes
A data breach at Christie’s revealed exact GPS coordinates of collectors’ artworks ~tech Article 882 words, published Aug 21 2023 25 votes
Hackers exploited a zero-day flaw in Ivanti's software undetected for at least three months, US and Norwegian cybersecurity agencies warn ~tech security.cyber Article 456 words 14 votes
Apple fixes zero-days used to deploy Triangulation spyware via iMessage ~tech apple ios security.cyber Article 681 words 8 votes
Hertzbleed - a new family of frequency side channel attacks on x86 processors ~comp security hardware Article 1049 words 13 votes
ChaosDB explained: Walkthrough of Azure's Cosmos DB vulnerability ~comp security Article 6005 words 6 votes
SolarWinds: New findings from our investigation of SUNBURST ~tech security.cyber Article 1695 words 6 votes
Edison Mail vulnerability allowing unauthorized access to email accounts of other users ~tech ios security Article 695 words 4 votes
Analysis of Voatz mobile voting app by MIT researchers finds elementary security flaws ~tech security Article 1644 words 11 votes
Firefox zero-day was used in attack against Coinbase employees, not its users ~tech browsers security Article 494 words 11 votes
'RAMBleed' Rowhammer attack can now steal data, not just alter it ~tech security Article 649 words 7 votes
WhatsApp voice calls contained a buffer-overflow vulnerability that was used to install spyware [CVE-2019-3568] ~tech security ios android facebook Article 1008 words 11 votes
Chrome update on March 1 fixed a serious zero-day RCE vulnerability that was being actively exploited ~tech browsers security Article 453 words 10 votes
All Intel chips open to new Spoiler non-Spectre attack: Don't expect a quick fix ~tech security Article 1150 words 23 votes
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc) ~tech security microsoft google facebook Article 958 words 16 votes
Facebook says new bug allowed apps access to private photos of up to 6.8m users ~tech facebook privacy social media Link 33 votes
The PlayStation 4 fails at handling text strings; can be bricked by receiving messages. ~games Article 467 words 19 votes
Intel Publishes Microcode Security Patches, No Benchmarking Or Comparison Allowed! ~comp security Article 489 words 12 votes