Security researcher Simon Garrelou from Airbus CERT identifies a flaw in CrushFTP’s software allowing users to escape the Virtual File System and download system files, leading to targeted attacks and urging users to update to version 11.1.0.
Cyber attackers exploit Telegram users with fake earning program, stealing Toncoins through referral scheme.
US National Security Agency collaborates with organizations to enhance security of AI systems through new guidance.
MITRE Corporation’s R&D network, NERVE, breached by foreign nation-state hackers exploiting zero-day vulnerabilities in Ivanti software.
Legit Security researchers uncover vulnerability in Cordova App Harness package, highlighting risks of “dependency hijacking” and potential for Remote Code Execution.
China, Russia, and Iran pose a significant threat to US elections through the malicious use of generative AI tools, targeting election infrastructure and spreading disinformation to undermine public confidence.
