Researchers at US-Israeli infosec outfit SafeBreach recently discussed flaws in Microsoft and Kaspersky endpoint security products that can potentially allow the remote deletion of files.

Some smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability. This remote exploitation is possible due to passwords and private keys being hard-coded in Chirp's Android app.

Users started noticing on Monday that X's programmers implemented a rule on its iOS app that auto-changed Twitter.com links that appeared in Xeets (tweets) to X.com links.

The report from the Department for Science, Innovation and Technology (DSIT), painted security as more of an afterthought for UK businesses, especially when considering the figures about how breaches are handled.

The vulnerability, which carries a perfect 10 base severity score, is tracked as CVE-2024-24576. It affects the Rust standard library, which was found to be improperly escaping arguments when invoking batch files on Windows using the Command API.

Martin Schobert at Swiss security firm Pentagrid discovered that an attacker could input a series of six consecutive dashes (------) in place of a booking reference number and the terminal would return an extensive list of room details.

The cybercriminals behind INC Ransom are claiming responsibility for the ongoing cybersecurity incident at Leicester City Council, according to a post caught by security researchers.

This supply-chain compromise may have been caught early enough to prevent widespread exploitation, and it may only mainly affect bleeding-edge distros that picked up the latest xz versions right away.

A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14.

The discovery and exploitation of zero-day vulnerabilities in enterprise-specific software and appliances appears to be outpacing the leveraging of zero-day bugs overall, judging by Google's latest research.