PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
Jan 17, 2024NewsroomFinancial Data / Vulnerability
The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be...
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
Jan 18, 2024NewsroomCyber Espionage / Threat Intelligence High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza,...
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
Jan 18, 2024NewsroomFirmware Security / Vulnerability
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of...
When Security Measures Go Wrong
Jan 18, 2024The Hacker NewsAuthentication Security / Passwords
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide...
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Jan 18, 2024NewsroomSupply Chain Attacks / AI Security
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could...
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom...
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Jan 18, 2024NewsroomServer Security / Cryptocurrency
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig...
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron...
Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package
Jan 19, 2024NewsroomSoftware Security / Spyware
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on...