Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses. Enlarge (credit: Getty Images) A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on be.....»»
Microsoft cracks down on Windows 11 upgrade requirements
The latest Insider Build of Windows 11 has patched the "/product server" workaround that let old CPU users easily bypass the system requirements check......»»
Study finds gun violence in rural America rises as deer hunting season begins
Across rural America, the increased presence of loaded guns in homes and vehicles could lead to a spike in gun injuries and homicides at the start of every deer hunting season, a new study warns......»»
Observations investigate the connection of a supernova remnant with a nearby H II region
Chinese astronomers have performed multi-wavelength observations of a galactic supernova remnant known as HB9. Results of the observational campaign, published August 9 on the preprint server arXiv, shed more light on the remnant's properties and its.....»»
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited.....»»
Apple warns of February store changes for EU developers, authors
Apple is giving App Store developers and booksellers a heads-up that they have to update their details with a trader status by February, to meet EU Digital Services Act rules.App Store iconApple has to follow the rules of the EU Digital Services Act.....»»
Business and tech consolidation opens doors for cybercriminals
Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Re.....»»
Understanding Apple"s on-device and server foundation models
Apple announced new AI language models at WWDC. These models run both locally on Apple devices and on Apple's own Apple Silicon-powered AI servers.Siri icon in a datacenterArtificial Intelligence (AI) relies on language models which provide knowledge.....»»
"Mercury bomb" threatens millions as Arctic temperatures rise, study warns
The Yukon River flows west across Alaska toward the Bering Sea, eroding Arctic permafrost along its banks and transporting sediment downstream. Within that sediment lurks a toxic stowaway: mercury......»»
Security experts just found a massive flaw with Google Pixel phones
Since 2017, millions of Pixels have shipped with a flawed app package. Now, a defense contractor has exposed the oversight......»»
“Slapped cheek” virus is surging across Europe and US, CDC warns
It's often mild, but can be very dangerous in pregnancy and immunocompromised. Enlarge / A child with a "slapped cheek" rash (credit: CDC) A common seasonal respiratory virus that typically infects school-aged children i.....»»
Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memor.....»»
Millions of AMD chips are being ignored in major security flaw fix
A major security flaw impacting hundreds of millions of AMD CPUs is making the rounds, but AMD won't be patching all of the affected processors......»»
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interact.....»»
Apple hasn’t yet fulfilled this macOS promise from four years ago
Shortly after the release of macOS Big Sur back in 2020, Apple faced widespread server outages. The outage affected macOS installations, iMessage, Apple Pay, and most notably: the notarization service. This meant that users had major issues opening a.....»»
American Axle more than doubles Q2 net income but warns of R&D, product launch costs
American Axle struck deals with European automakers, but it expects increased volatility as it prepares for ramp-up costs......»»
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability ste.....»»
A critical security issue in 1Password for Mac left credentials vulnerable to attack
1Password has disclosed a now patched critical security flaw in its software that could give attackers access to users' unlock keys and credentials. Here's what to do to keep your data safe.1Password has disclosed a critical security flaw present in.....»»
1Password 8 for Mac flaw allows attackers to steal credentials, here’s how to patch it
1Password has shared that its software for Mac has a vulnerability that exposes users to a potentially serious threat. Along with attackers being able to compromise credentials, the flaw can give bad actors access to your account unlock key. more.....»»
Prompt injection attack on Apple Intelligence reveals a flaw, but is easy to fix
A prompt injection attack on Apple Intelligence reveals that it is fairly well protected from misuse, but the current beta version does have one security flaw which can be exploited. However, the issue would be very easy for the company to fix, so.....»»