The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The first vulnerability, CVE-2023-20963, is an Android Framework Privilege Escalation Vulnerability that enables…
Category: English
Backdoor Risk on x86 Machines
Despite ARM making progress, x86 machines still dominate the desktop and laptop space. However, these machines have a significant flaw that can compromise privacy and security: a hardware backdoor that can access…
Kodi Rebuilds After Data Breach
Kodi, the open source home theater software developer, has announced that it is rebuilding its user forum after suffering a data breach in February. The breach was disclosed last week after a…
MSI confirms cyber attack
Taiwanese PC manufacturer, MSI, has confirmed a cyber attack on its systems, after detecting “network anomalies.” The company did not provide any further details regarding the nature of the attack or if…
JavaScript sandbox library has vulnerability
The vm2 JavaScript sandbox library, commonly used in IDEs, code editors, and security tools, has a critical vulnerability (CVE-2023-29017) that allows threat actors to escape the sandbox and execute arbitrary code. The…
New Malware Targets Chromium-Based Browsers – VIDEO
A new malware named Rilide is targeting Chromium-based web browsers by masquerading as a Google Drive extension to steal cryptocurrency and sensitive data. Rilide has the ability to monitor browsing history, take…
OpenAI Faces Data Processing Limits
The Guarantor for the protection of personal data has decided to temporarily limit the processing of Italian users’ data by OpenAI, a US-based company that manages an artificial intelligence platform. Furthermore, the…
Is Programming Coming to an End? – VIDEO
Matt Welsh, a former professor of computer science at Harvard and founder of Fixie.ai, believes that large language models like ChatGPT and GitHub Copilot represent the beginning of the end of programming….
ISSUE – Broken Authentication
Authentication and session management includes all aspects of handling user authentication and managing active sessions. Authentication is a critical aspect of this process, but even solid authentication mechanisms can be undermined by…
AlienFox: Stealing Cloud Credentials – VIDEO
A new modular toolkit called “AlienFox” is being used by threat actors to scan for misconfigured servers and steal authentication secrets and credentials for cloud-based email services. Sold through a private Telegram…