Latest Cybersecurity News and Articles

Retail Chain Hot Topic Hit by New Credential Stuffing Attacks

Breach notification letters sent to potentially impacted customers this week reveal that attackers targeted Hot Topic Rewards accounts in automated attacks using login information obtained from an unknown source.

Binarly Closes $10.5M Seed Financing

The round was led by Two Bear Capital, with participation from Blu Ventures, Canaan Partners, Cisco Investments, and Liquid 2 Ventures. Pre-seed investors Westwave Capital and Acrobator Ventures also expanded their equity positions.

Apple Users Deluged by Phony Password Reset Requests

First called out on X/Twitter by AI entrepreneur Parth Patel – and confirmed to be happening to others by security blogger Brian Krebs – the campaign appears to be targeting specific individuals, who are flooded with password reset requests.

Bedrock Security Raises $10M in Seed Funding

Bedrock Security, a Menlo Park, CA-based data security company, raised $10M in Seed funding. The round was led by Greylock. The company intends to use the funds to expand operations and development efforts.

Decade-Old Linux ‘Wall’ Bug Helps Make Fake SUDO Prompts, Steal Passwords

Tracked as CVE-2024-28085, the security issue has been dubbed WallEscape and has been present in every version of the package for the past 11 years up to 2.40 released yesterday.

Cisco Addressed High-Severity Flaws in IOS and IOS XE Software

Cisco this week released patches to address multiple IOS and IOS XE software vulnerabilities. An unauthenticated attacker can exploit several issues fixed by the IT giant to cause a denial-of-service (DoS) condition.

Update: UnitedHealth Admits Patient Data was 'Taken' in Mega Attack

UnitedHealth Group has publicly acknowledged that data was "taken" in the cyberattack on its Change Healthcare unit and said it has started analyzing the types of sensitive personal, financial, and health information potentially compromised.

Nvidia's Newborn ChatRTX Bot Patched for Security Bugs

Nvidia's AI-powered ChatRTX app launched just six week ago but already has received patches for two security vulnerabilities that enabled attack vectors, including privilege escalation and remote code execution.

Exposing a New BOLA Vulnerability in Grafana

This vulnerability, assigned as CVE-2024-1313 with a CVSS score of 6.5, allows low-privileged Grafana users to delete dashboard snapshots belonging to other organizations using the snapshot's keys, impacting the integrity of the system.

Hackers Developing Malicious LLMs After WormGPT Falls Flat

Cybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers said.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags