Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting…
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
Nov 25, 2024Ravie LakshmananSoftware Supply Chain / Malware The administrators of the…
Malicious NPM Packages Target Roblox Users with Data-Stealing Malware
Nov 08, 2024Ravie LakshmananOpen Source / Malware A new campaign has targeted…
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six…
LottieFiles Issues Warning About Compromised “lottie-player” npm Package
Oct 31, 2024Ravie LakshmananCryptocurrency / Software Development LottieFiles has revealed that its…
Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security
Oct 25, 2024Ravie LakshmananCloud Security / Artificial Intelligence Apple has publicly made…
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been…
Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution
Sep 27, 2024Ravie LakshmananLinux / Vulnerability A new set of security vulnerabilities…
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
Sep 12, 2024Ravie LakshmananWeb Security / Content Management WordPress.org has announced a…