Login
Newsletter platform Substack has admitted that an intruder swiped user contact details months before the company noticed, forcing it to warn writers and readers that their email addresses and other account metadata were accessed without permission.β¦
A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers.β¦
Breach-tracking site Have I Been Pwned (HIBP) claims a cyberattack on Betterment affected roughly 1.4 million users β although the investment company has yet to publicly confirm how many customers were affected by January's intrusion.β¦
Version 5 of PacketSmith, codenamed Pinus strobus, is the result of extensive R&D to add unique, unparalleled features that matter to network detection engineers, SoC analysts, and malware and vulnerability researchers. In this release, weβre showcasing a very powerful new feature in PacketSmith: the integration of Yara-X, a state-of-the-art scanning engine and pattern-matching library.
Italy's foreign minister says the country has already started swatting away cyberattacks from Russia targeting the Milano Cortina Winter Olympics.β¦
Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.β¦
Interview Sovereignty remains a hot topic in the tech industry, but interpretations of what it actually means β and how much it matters β vary widely between organizations and sectors. While public bodies are often driven by regulation and national policy, the private sector tends to take a more pragmatic, cost-focused view.β¦
A flaw that exists within the handling of sch_cake can allow a local user under the CentOS 9 operating system to trigger an use-after-free. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
Sleeper agent-style backdoors in AI large language models pose a straight-out-of-sci-fi security threat.β¦
Microsoft CEO Satya Nadella has decided Microsoft needs an engineering quality czar, and shifted Charlie Bell, the companyβs executive veep for security, into the new role.β¦
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 04
SEC Consult Vulnerability Lab Security Advisory < 20260202-0 >Posted by Thomas Weber | CyberDanube via Fulldisclosure on Feb 04
CyberDanube Security Research 20260119-0Posted by Egidio Romano on Feb 04
--------------------------------------------------------------------------Posted by Egidio Romano on Feb 04
--------------------------------------------------------------------------------Posted by Egidio Romano on Feb 04
---------------------------------------------------------------------------Made a thing. Julius fingerprints LLM services - point it at a target and it tells you if you're looking at Ollama, vLLM, LiteLLM, etc. Single binary, JSON output, works nicely in recon pipelines.
What it does:
UPDATED A digital intruder broke into an AWS cloud environment and in just under 10 minutes went from initial access to administrative privileges, thanks to an AI speed assist.β¦
Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That's according to America's lead cyber-defense agency, which set a Friday deadline for federal agencies to patch the security flaw.β¦
FreshRSS 