ZDI-24-1723: (0Day) Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in...
ZDI-24-1724: (0Day) Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in...
Multiple Vulnerabilities in Sophos Firewall Could Allow for Remote Code Execution
Multiple Vulnerabilities have been discovered in Sophos Firewall, the most severe of which could allow for remote code execution. Sophos Firewall is a network security...
DSA-5834-1 chromium – security update
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5834-1 Read More
Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm
Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability...
US Organizations Still Using Kaspersky Products Despite Ban
Bitsight found that 40% of US organizations who used Kaspersky products before the government ban came into effect still appear to be using them Read...
Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme
This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down –...
Mailbox Insecurity
It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can...
USN-7178-1: DPDK vulnerability
It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's...
EU Opens Door for AI Training Using Personal Data
The EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models Read More