The UAT-6382 threat group, comprised of Chinese-speaking hackers, is actively exploiting a critical zero-day vulnerability in Trimble Cityworks, posing significant risks to local governments and utility management entities in the United States.
The US National Institute of Standards and Technology (NIST), in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), has launched the Likely Exploited Vulnerabilities (LEV) metric to predict the likelihood of software and hardware vulnerabilities being exploited in real-world scenarios.
Major retailers are advising customers to change their passwords following a series of cyber-attacks that compromised customer data and disrupted operations.
A privilege escalation vulnerability in Google Cloud Platform’s Cloud Functions and Cloud Build service, discovered by Tenable Research, allows attackers to exploit excessive permissions, prompting Google to release a patch and implement new security policies.
Organizations must adopt a structured approach to securely decommission end-of-life IT assets to prevent data loss and unauthorized access by malicious actors.
A significant portion of Americans express deep concerns about biometric technology, with many advocating for a ban due to privacy issues, despite recognizing its potential to reduce identity crimes.
