Risk & Resilience

GPUBreach Attack Exploits GDDR6 GPU Memory To Achieve Full CPU Privilege Escalation

Risk & Resilience
GPUBreach, a new RowHammer attack targeting GDDR6 GPUs, enables arbitrary GPU memory access and full CPU privilege escalation, posing risks for cloud AI and multi-tenant deployments.

Flowise AI Agent Builder Faces Active CVSS 10.0 Remote Code Execution Exploitation With 12,000 Instances Exposed

Risk & Resilience
Flowise AI platform suffers a critical CVSS 10.0 code injection vulnerability, exposing over 12,000 instances to remote code execution and full system compromise.

China Linked TA416 Targets European Governments Using PlugX And OAuth Phishing Campaigns

Risk & Resilience
China-linked cyber espionage group TA416 targets European and Middle Eastern government entities using PlugX malware, OAuth phishing, and evolving attack chains.

Casbaneiro Phishing Campaign Targets Latin America And Europe With Dynamic PDF Lures

Risk & Resilience
Brazilian cybercrime actors deploy Casbaneiro and Horabot malware via dynamic PDFs, WhatsApp automation, and email phishing campaigns across Latin America and Europe.

Drift Suffers $285 Million Loss In Durable Nonce Social Engineering Attack Linked To DPRK

Risk & Resilience
Solana based exchange Drift confirms $285 million loss after a sophisticated social engineering attack involving durable nonces and suspected DPRK linked actors.

Apple Expands iOS 18.7.7 Update To Protect Users From DarkSword Exploit

Risk & Resilience
Apple extends iOS 18.7.7 and iPadOS 18.7.7 updates to more devices to block DarkSword exploit, addressing critical vulnerabilities in older iOS versions.

Wazuh Enables Proactive Vulnerability Management With Continuous Monitoring

Risk & Resilience
Wazuh helps organizations shift from periodic scans to proactive vulnerability management, integrating asset visibility, threat intelligence, and real-time exploitation detection.

LangChain And LangGraph Vulnerabilities Expose Sensitive Data In Widely Used AI Frameworks

Risk & Resilience
Security researchers reveal critical vulnerabilities in LangChain and LangGraph that could expose files, secrets, and databases, raising concerns for enterprise AI deployments.

Google Advances Quantum Computing Timeline To 2029 Raising Urgency For Post Quantum Security

Risk & Resilience
Google has accelerated its quantum computing timeline to 2029, urging faster adoption of post quantum cryptography as threats to current encryption standards grow.

Magento PolyShell Flaw Allows Unauthenticated Uploads, Remote Code Execution, And Account Takeover

Risk & Resilience
A critical Magento vulnerability named PolyShell exposes stores to unauthenticated file uploads, remote code execution, and account takeover risks, with active exploitation now observed.

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver To Evade Security

Risk & Resilience
A malvertising campaign targets U.S. users searching for tax forms, delivering ScreenConnect malware and HwAudKiller to bypass EDR using a Huawei driver.

Trivy Supply Chain Attack Spurs Self Propagating CanisterWorm Across Npm Ecosystem

Risk & Resilience
A supply chain attack linked to Trivy has led to the spread of CanisterWorm malware across dozens of npm packages, exploiting tokens and decentralized infrastructure.
1...567...14Page 6 of 14

Recent articles

spot_img