Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Hackers infect ISPs with malware that steals customers’ credentials
Zero-day that was exploited since June to infect ISPs finally gets fixed. Enlarge (credit: Getty Images) Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day.....»»
SonicWall patches critical firewall security flaw
The bug allowed for unauthorized resource access, SonicWall said......»»
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is.....»»
Researchers propose inexpensive 2.2-kilometer telescope that could make exoplanet movies
Can a kilometer-scale telescope help conduct more efficient science, and specifically for the field of optical interferometry? This is what a study recently posted to the preprint server arXiv hopes to address......»»
"Humanity is failing": Official report warns our chance to save the Great Barrier Reef is fast closing
The Great Barrier Reef will continue to deteriorate, largely due to climate change, and the window to secure its future is rapidly closing. That is the sobering conclusion of a major new report into the state of the reef......»»
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers......»»
Hotel room key cards everywhere could be at risk from RFID security flaw
Security researchers find flawed contactless cards dating back to late 2007, and urge users to be careful......»»
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed o.....»»
Breaking boundaries: The unexpected routes of minerals in crop growth
Imagine plants not just sipping nutrients dissolved in water, but actually munching on tiny mineral particles straight from the soil. A study sheds light on how wheat and lettuce aren't just passive feeders—they actively grab, transport, and utiliz.....»»
QNAP releases QTS 5.2 to prevent data loss from ransomware threats
QNAP has released the QTS 5.2 NAS operating system. A standout feature of this release is the debut of Security Center, which actively monitors file activities and thwarts ransomware threats. Additionally, system security receives a boost with the in.....»»
GitHub Enterprise Server has a critical security flaw, so patch now
A newly discovered security flaw allows hackers to elevate their privileges and thus take over vulnerable endpoints......»»
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty pro.....»»
Astronomers explore the nature of galaxy NGC 891 with JWST
Using the James Webb Space Telescope (JWST), an international team of astronomers has observed a nearby spiral galaxy known as NGC 891. Results of the observational campaign, published August 15 on the preprint server arXiv, provide more insights int.....»»
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript.....»»
A new pandemic could ride in on animals we eat, study warns
Researchers warn the animals we eat could be the gateway to a pandemic in the form of antimicrobial resistance, unleashing a wave of deadly superbugs......»»
According to the UN, Canadians with intellectual disabilities are being exploited
Canada was recently criticized by Tomoya Obokata, the United Nations Special Rapporteur on Contemporary Forms of Slavery, in relation to the shortcomings of the temporary foreign worker program......»»
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)
CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital researchers have revealed. About CVE-2024-38193 CVE-202.....»»
Astronomers explore the properties of quasar 1604+159
Chinese astronomers have conducted multi-frequency polarimetric observations of a quasar known as 1604+159. Results of the observational campaign, published August 13 on the pre-print server arXiv, shed more light on the properties of this quasar, in.....»»
GuidePoint Security releases Phishing as a Service
GuidePoint Security has launched a new Phishing as a Service (PhaaS) offering. Phishing remains one of the most common entry points for threat actors – according to CISA, over 90% of successful cyberattacks start with a phishing email. However, man.....»»
Vulnerability in Microsoft apps allowed hackers to spy on Mac users
A vulnerability found in Microsoft apps for macOS allowed hackers to spy on users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the explo.....»»