Google’s Transition to Rust Reduces Android Memory Vulnerabilities by Over 50% Overview Google has achieved great success improving the safety of Android by switching to the Rust programming language. The company attempts to follow a secure-by-design strategy, focusing on the
Remote Control Vulnerabilities in Kia Vehicles Overview Famous cybersecurity researchers Neiko Rivera, Sam Curry, and others have identified a series of vulnerabilities in Kia vehicles. The flaws could be exploited to control crucial functions of their cars remotely. Cybercriminals can
DragonRank SEO Manipulation Campaign Targeting IIS Servers Across Asia and Europe Overview A cyber espionage campaign is targeting IIS servers in several countries across Asia and Europe. The DragonRank campaign emanates from a simplified Chinese-speaking actor and specializes in manipulating search engine
Fortinet Data Breach via Third-Party Cloud: A Security Alert Overview Fortinet confirms a huge data breach impacting a number of its customers. The incident involves unauthorized access to files stored on their cloud drive. The breach came to light when a
Cybercriminals Exploit Google Sheets for Advanced Malware Operations Overview Cybersecurity researchers have taken over a highly-intricate malware. It is using Google Sheets as a command-and-control infrastructure. This operation dates back to August 5, 2024. There were attacks on 70+ institutions in different
Attackers Exploit Public .env Files to Compromise Cloud & Social Media Overview A large-scale extortion campaign targets cloud and social media accounts. Palo Alto Networks reports that attackers exploited publicly accessible .env files containing sensitive credentials to gain unauthorized access
GhostWrite Vulnerability in T-Head CPUs Exposes Devices to Unrestricted Access Overview A critical architectural flaw in T-Head’s XuanTie C910 and C920 RISC-V CPUs was uncovered by recent research from the CISPA Helmholtz Center for Information Security. Dubbed GhostWrite, the vulnerability is baked directly into
Microsoft Discloses Unpatched Office Vulnerability Leading to Data Exposure Overview Microsoft issued a critical warning about an unpatched zero-day vulnerability in its Office suite. It has been identified as CVE-2024-38200 as it poses a big risk of unauthorized data exposure.
DoJ and FTC File Lawsuit Against TikTok for Violating Children’s Privacy Laws Overview The U.S. Department of Justice and the Federal Trade Commission have filed a lawsuit against TikTok. They allege that TikTok has been violating US laws of children
Critical Vulnerability in Telerik Report Server Poses Remote Code Execution Risk Overview Progress Software issues a critical alert for users of their Telerik Report Server. The warning follows the identification of a significant security flaw, CVE-2024-6327. It has been assigned a
