Aggregator

Recent, Targeted Attacks Suggest Undercut Group's Claimed 'Going Dark' Retirement
Elements of the notorious ransomware collective lately calling itself Scattered Lapsus$ Hunters appear to be targeting fresh victims, including a U.S. banking organization if not the sector at large, despite a member of the group claiming it would be "going dark" and retiring.

Economic Losses of Carmaker, Suppliers Piling Up
British auto manufacturer Jaguar Land Rover will extend a production pause until late September as it enters its third week of contending with a cyber incident that forced it to shut down assembly lines across the globe.

A global survey of 1,025 IT and security professionals finds that while organizations experienced an average of 2.17 cloud breaches over the past 18 months, only 8% were categorized as severe. At the same time, however, with the rise of artificial intelligence (AI) there may be more significant challenges ahead. More than half of respondents..

The post Survey Surfaces Rising Number of AI Security Incidents appeared first on Security Boulevard.

The contentious hearing focused on other subjects, but lawmakers still had cyber questions and accusations for the head of the bureau.

The post Senators, FBI Director Patel clash over cyber division personnel, arrests appeared first on CyberScoop.

Researchers say the commercial adtech platform and several other companies form the infrastructure of a massive cybercrime operation.

万户OA代码审计与0day挖掘

A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The worm has been dubbed “Shai-hulud” as it steals credentials from victims who run a compromised package and publishes them in a public GitHub repository which contains the name. The worm also uses npm authentication tokens stolen from the victims to perpetuate the cycle of infection and compromise, and compromised GitHub … More →

The post Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack appeared first on Help Net Security.

A vulnerability identified as critical has been detected in Silabs WiSeConnect SDK up to 3.3.4. This impacts an unknown function. Performing manipulation results in incorrect calculation of buffer size. This vulnerability is reported as CVE-2024-8361. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in silabs EmberZNet up to 7.4.3/8.0.x. It has been declared as critical. Affected is an unknown function. The manipulation results in origin validation error. This vulnerability is identified as CVE-2024-7322. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in cvat up to 2.25.x. This impacts an unknown function of the component Nuclio Function Container. This manipulation causes deserialization. The identification of this vulnerability is CVE-2025-23045. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ashlar-Vellum Cobalt, Cobalt Share, Xenon, Argon and Lithium. It has been classified as critical. Affected by this issue is some unknown functionality. This manipulation causes out-of-bounds write. This vulnerability is handled as CVE-2023-39943. It is possible to launch the attack on the local host. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Ashlar-Vellum Cobalt, Cobalt Share, Xenon, Argon and Lithium. It has been declared as critical. This affects an unknown part. Such manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-40222. Local access is required to approach this attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Silicon Labs Simplicity SDK. This impacts an unknown function of the component SPI Interface. Executing manipulation can lead to improper validation of array index. This vulnerability appears as CVE-2024-12975. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Artica Pandora FMS. It has been rated as critical. This affects an unknown function. Performing manipulation results in command injection. This vulnerability is identified as CVE-2024-12992. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in Artica Pandora FMS up to 777.6. This impacts an unknown function. Executing manipulation can lead to command injection. This vulnerability is tracked as CVE-2024-12971. The attack can be launched remotely. No exploit exists.

A vulnerability was found in Synology Active Backup for Business. It has been declared as critical. This vulnerability affects unknown code. Executing manipulation can lead to path traversal. This vulnerability is tracked as CVE-2024-47265. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Wazuh up to 4.8.x on Windows. This impacts an unknown function in the library rsync.dll. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2024-35177. The attack must be initiated from a local position. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Wazuh up to 4.9.0 and classified as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to improper privilege management. This vulnerability is documented as CVE-2024-47770. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in GFI Kerio Control up to 9.2.5. Impacted is an unknown function of the component GET Parameter Handler. The manipulation results in http response splitting. This vulnerability is cataloged as CVE-2024-52875. The attack may be launched remotely. Furthermore, there is an exploit available. Applying a patch is advised to resolve this issue.