Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Hackers exploit critical unpatched flaw in Zyxel CPE devices
Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. The vulnerability allows unauthenticated attackers to execute arbitrary commands using the ‘supervisor’ or ‘zyuser’ service accounts. Vulnerability intelligence company VulnCheck added the security issue to its database last year on July 12 and […]
Hackers exploiting flaws in SimpleHelp RMM to breach networks
Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. The flaws, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, allow threat actors to download and upload files on devices and escalate privileges to administrative levels. The vulnerabilities were discovered and disclosed by Horizon3 researchers two […]
New Apple CPU side-channel attacks steal data from browsers
A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. The Georgia Institute of Technology and Ruhr University Bochum researchers, who presented another attack dubbed ‘iLeakage’ in October 2023, presented their new findings in two separate papers, namely FLOP and SLAP, which show distinct flaws […]
Engineering giant Smiths Group discloses security breach
London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company’s systems. Smiths is a British multinational listed on the London Stock Exchange that employs more than 15,000 people in over 50 countries. It also provides products to customers in the energy, safety, security, aerospace, and defense markets and reported […]
Signal will let you sync old messages when linking new devices
Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. The transfer process is fully end-to-end encrypted, ensuring privacy and data security. It will employ a QR code verification step to ensure the action […]
PowerSchool starts notifying victims of massive data breach
Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. Though this is a step forward, the company has still not officially disclosed the exact number of individuals impacted by the security incident. Moreover, a detailed report on what exactly has […]
Microsoft tests Edge Scareware Blocker to block tech support scams
Microsoft has started testing a new “scareware blocker” feature for the Edge web browser on Windows PCs, which uses machine learning (ML) to detect tech support scams. Scareware scams (also known as tech support scams) have been a pervasive threat for years. The scammers use aggressive landing pages to persuade potential victims that their devices have […]
DeepSeek halts new signups amid “large-scale” cyberattack
Chinese AI platform DeepSeek has disabled registrations on it DeepSeek-V3 chat platform due to an ongoing “large-scale” cyberattack targeting its services. DeepSeek is a relatively new AI platform that has quickly gained attention over the past week for its development and release of an advanced AI model that allegedly matches or outperforms the capabilities of […]
Bitwarden makes it harder to hack password vaults without MFA
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. When a potentially suspicious login attempt is detected, like from an unrecognized device, the user will now prompted to confirm the action by entering a verification code […]
Microsoft: January Windows security updates break audio playback
Microsoft has confirmed that the January 2025 Windows security updates are breaking audio playback on some systems with external DACs (digital-to-analog converters). DACs are commonly used at home, in professional music studios, and in portable music players to improve audio quality, process signals, or convert digital audio into analog signals for playback through speakers or […]