Zyxel silently patches command injection vulnerability with 9.8 severity rating
Flaw makes it possible to install web shell to maintain control of affected devices. Enlarge (credit: Zyxel) Hardware manufacturer Zyxel quietly released an update fixing a critical vulnerability that gives hackers the ability.....»»
Despite patches, Intel CPUs still struggle with Black Myth: Wukong
Even though Intel recently released a new BIOS update, new reports of instability issues are cropping up in regard to Black Myth: Wukong......»»
Starfield August Update: What’s New
Bethesda’s latest Starfield update is a big one. The new software brings much needed bug fixes and it also features the highly anticipated land vehicle. Most Starfield patches go though a beta process before they are released to the public, but.....»»
Three-year study suggests air pollution increases thunderstorm danger
Air pollution is increasing the severity of summertime thunderstorms, according to a recent study conducted by researchers at James Madison University and published in the journal Atmospheric Research......»»
Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera
Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, Cisco Talos researchers have discovered. Library injection vulnerabilities in M.....»»
Vulnerability in Microsoft apps allowed hackers to spy on Mac users
A vulnerability found in Microsoft apps for macOS allowed hackers to spy on users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the explo.....»»
Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses. Enlarge (credit: Getty Images) A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on be.....»»
Less severe forest fires can reduce intensity of future blazes
Not all forest fires have devastating effects. Low- and moderate-severity forest wildfires can reduce the intensity of future conflagrations for as long as 20 years in certain climates, according to new research by the University of California, Davis.....»»
This Apple TV+ show has 100% on Rotten Tomatoes, and season two is coming soon
Apple TV+ has plenty of excellent shows, but among all of its best-reviewed titles, only two series have scored a 100% freshness rating on Rotten Tomatoes. And now, Apple has announced that one of those shows—Bad Sisters—is debuting its second se.....»»
Morphable materials: Researchers coax nanoparticles to reconfigure themselves
A view into how nanoscale building blocks can rearrange into different organized structures on command is now possible with an approach that combines an electron microscope, a small sample holder with microscopic channels, and computer simulations, a.....»»
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited.....»»
Critical Start helps organizations reduce cyber risk from vulnerabilities
Critical Start announced Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and.....»»
Pixel problems: Google"s security nightmare caused by hidden software
A vulnerability included in every version of Android for previous Google Pixel models will soon be patched, but Pixel 9 buyers don't need to worry.Google Pixel 9The majority of Google Pixel smartphones sold from September 2017 onward have included a.....»»
Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)
SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While it was reported as an unauthenticated vulnerability, SolarWinds has been una.....»»
You definitely want to install these 90 Windows security patches
Microsoft release huge amount of fixes to fix a jaw-dropping 90 security flaws that include nine critical bugs......»»
Bloomberg: Apple targeting sub-$1,000 price for iPad-like robotic home device
Apple is moving forward with its plans for home robotics, according to a new report from Bloomberg. Apple is reportedly ramping up its work on a tabletop smart home device with a robotic arm, which would serve as a “smart home command center, video.....»»
The Anker Soundcore has a 24-hour playtime for only $24
The Anker Soundcore Bluetooth speaker with a 24-hour battery life and an IPX5 waterproof rating is on sale from Amazon for only $24, but you have to hurry......»»
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interact.....»»
1Password urges Mac users to patch now to avoid having their data stolen
This 1Password vulnerability could expose your vaults to theft, so patch now.....»»
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability ste.....»»
New infosec products of the week: August 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs. Rapid7 releases Command Platform, unified attack defense and.....»»