Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Non-native species are threatening vulnerable Svalbard plant life, study warns
New, non-native plant species are constantly being found in Svalbard, and researchers are working to ascertain what threat these species pose to the native plants......»»
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, allowing them to perform unauthorized actions, including privilege escalation. A.....»»
BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
BIND (Berkeley Internet Name Domain) is an open-source DNS software system with an authoritative server, a recursive resolver, and related utilities. BIND 9.20, a stable branch suitable for production use, has been released. According to the current.....»»
This new Google Chrome security warning is very important
Chrome changes how it warns users of suspicious downloads by offering easily digestible explanations with it anti-phishing Enhanced protection feature......»»
From Hungary to Maker Faire Rome: AKG Robotics + Piezo Young Makers
In the heart of Budapest, Hungary, innovation and education converge at the AKG School's robotics club, AKG Robotics. Here, students are not only learning about technology but are actively creating it. The post From Hungary to Maker Faire Rome:.....»»
Yellowknife study warns of unprecedented arsenic release from wildfires
The wildfire season of 2023 was the most destructive ever recorded in Canada and a new study suggests the impact was unprecedented. It found that four of the year's wildfires in mine-impacted areas around Yellowknife, Northwest Territories potentiall.....»»
AKG Robotics: Smart Pot and Smart Table
In the heart of Budapest, Hungary, innovation and education converge at the AKG School's robotics club, AKG Robotics. Here, students are not only learning about technology but are actively creating it. The post AKG Robotics: Smart Pot and Smart.....»»
Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines worldwide Thousands and possibly millions of Windows computers and servers worldwide have been.....»»
CrowdStrike explained: How one faulty update killed half the world’s IT systems
The sheer scale of the global IT outage caused by a faulty software update has left many wondering how one update to one company’s security software could have such massive impact. Ironically, the effect of the CrowdStrike flaw has been almost i.....»»
Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s threat researchers. Several PoC exploits have been published, including one.....»»
Astronomers detect dozens of new pulsating white dwarfs
Using NASA's Transiting Exoplanet Survey Satellite (TESS), astronomers have detected 32 new bright pulsating DA white dwarfs of the ZZ Ceti subclass. The finding was reported in a research paper published July 9 on the pre-print server arXiv......»»
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Tre.....»»
UAW"s federal monitor warns of union"s continuing culture of fear and retribution
The latest report by Monitor Neil Barofsky argues UAW President Shawn Fain and union leadership need to implement more reforms and work harder to change the union's culture......»»
Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials have sto.....»»
UAW"s Shawn Fain warns Democrats to confront "hard truths" about 2024 presidential election
“We’re speaking truth to those who need to hear it most and that’s the Democrat Party,” Fain said Friday.....»»
Apple warns iPhone users in 98 countries about ‘mercenary spyware attacks’
Apple has warned a significant number of iPhone users across 98 countries that they appear to have been targeted by “mercenary spyware attacks” which could compromise almost all the personal data on their devices. The company says it can never.....»»
Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it
The goal of the exploits was to open Explorer and trick targets into running malicious code. Enlarge (credit: Getty Images) Threat actors carried out zero-day attacks that targeted Windows users with malware for more tha.....»»
Musk"s xAI, Oracle end talks on $10 billion server deal, the Information reports
Musk"s xAI, Oracle end talks on $10 billion server deal, the Information reports.....»»
Don’t ignore this one skin sign that might mean cancer, doctor warns
Don’t ignore this one skin sign that might mean cancer, doctor warns.....»»
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)
CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed. “Check Poi.....»»