Google Introduces Enhanced Real-Time URL Protection for Chrome Users
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites."The...
GhostRace – New Data Leak Vulnerability Affects Modern CPUs
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution.Dubbed GhostRace (CVE-2024-2193), it is a variation...
U.S. Sanctions Russians Behind ‘Doppelganger’ Cyber Influence Campaign
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they...
Over 800 npm Packages Found with Discrepancies, 18 Exploitable to ‘Manifest Confusion’
New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been...
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users...
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies.The high-severity zero-day vulnerabilities...
‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan
An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware...
Code Keepers: Mastering Non-Human Identity Management
Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access...
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This...
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80...
