USN-7051-1: AsyncSSH vulnerability
Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to...
A Vulnerability in Zimbra Collaboration Could Allow for Remote Code Execution
A vulnerability has been discovered in Zimbra Collaboration which could allow for remote code execution. Zimbra is a collaborative software suite that includes an email...
DSA-5780-1 php8.2 – security update
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in incorrect parsing of multipart/form-data, bypass of...
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web...
The AI Fix #18: ChatGPT’s false memories, and would an inner critic stop AI hallucinations?
In episode 18 of "The AI Fix" our hosts discover that OpenAI's Advanced Voice mode is too emotional for Europeans, a listener writes a Viking...
British Hacker Charged in the US For $3.75m Insider Trading Scheme
UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information Read More
Ransomware Attack Forces UMC to Divert Emergency Patients
UMC in Lubbock, Texas, confirmed a ransomware attack last week, disrupting patient care and IT systems Read More
Evil Corp’s LockBit Ties Exposed in Latest Phase of Operation Cronos
The UK has sanctioned 16 members of the notorious Russian hacking group Evil Corp, exposing their links to the prolific LockBit ransomware group Read More
USN-7050-1: Devise-Two-Factor vulnerabilities
Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue to intercept and re-use a...
T-Mobile to Pay $15.75m Penalty for Multiple Data Breaches
T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity...