GitLab patches high severity account takeover, missing auth issues
SkyNet Automation GitLab has released security updates to address multiple vulnerabilities in the company’s DevSecOps platform, including ones enabling attackers…
Security
Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issue
Microsoft has released an emergency Windows 11 24H2 update to address an incompatibility issue triggering restarts with blue…
Fog ransomware attack uses unusual mix of legitimate and open-source tools
Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring…
ChatGPT o3 API 80% price drop has no impact on performance
ChatGPT o3, which has been available via API, is now 80% cheaper for developers, and there’s no visible…
SmartAttack uses smartwatches to steal data from air-gapped systems
A new attack dubbed ‘SmartAttack’ uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically…
Erie Insurance confirms cyberattack behind business disruptions
Erie Insurance and Erie Indemnity Company have disclosed that a weekend cyberattack is behind the recent business disruptions…
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive…
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since…
Microsoft creates separate Windows 11 24H2 update for incompatible PCs
Microsoft confirmed on Tuesday that it’s pushing a revised security update targeting some Windows 11 24H2 systems incompatible…
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed…