Multiple vulnerabilities in the TianoCore EFI Development Kit II (EDK II) allow for remote code execution, denial-of-service attacks, DNS cache poisoning, and leakage of sensitive information, impacting various UEFI firmware implementations.
Researchers at Praetorian have discovered critical misconfigurations in TensorFlow’s CI/CD systems that enable attackers to compromise build agents, potentially leading to the compromise of TensorFlow releases on GitHub and PyPi.
COLDRIVER, a Russia-backed APT group, has evolved their tactics by creating custom malware called “Spica” and using encrypted PDFs to target victims, marking a significant shift from their previous focus on phishing emails for credential harvesting.
Iran-linked threat group Mint Sandstorm, also known as APT35 or Charming Kitten, has been conducting a sophisticated social engineering campaign targeting high-profile researchers involved in the Israel-Hamas conflict, using customized phishing lures and a new custom backdoor called MediaPI to steal sensitive data.
Chinese pirating websites are distributing pirated macOS applications that have been modified to contain a stealthy backdoor malware, posing a significant threat to Mac users by allowing attackers to gain control over their systems.
A new cyber-attack campaign utilizes the 9Hits Viewer software and XMRig cryptocurrency miner to target vulnerable Docker services, causing resource exhaustion and highlighting the adaptability of attackers.
