September 25, 2024 at 09:48PM WordPress has blocked WP Engine’s servers from accessing WordPress.org resources, including software updates. This action could prevent WP Engine users from updating plugins, leading to potential security issues. WordPress co-founder Matt Mullenweg has accused WP Engine of profiting from WordPress without contributing to its development, leading to a conflict between … Read more
March 4, 2024 at 04:54AM Security researchers have discovered around 100 malicious AI/ML models on the Hugging Face platform. These models pose a significant security threat, potentially allowing attackers to gain control over machines, leading to data breaches and corporate espionage. Furthermore, researchers have developed techniques to manipulate large-language models (LLMs) for harmful purposes, demonstrating … Read more
November 24, 2023 at 01:20PM Open-source file sharing software ownCloud has issued warnings about three critical security vulnerabilities. The first flaw exposes administrator passwords and mail server credentials. The second flaw allows unauthorized access to files without authentication. The third flaw bypasses subdomain validation in the OAuth2 library. Users are advised to apply recommended fixes … Read more
October 13, 2023 at 07:06AM AvosLocker ransomware gang has been linked to recent attacks on critical infrastructure sectors in the U.S. The gang uses legitimate software and open-source remote administration tools to compromise networks and exfiltrate data. AvosLocker leverages sophisticated techniques to avoid detection and affects Windows, Linux, and VMware environments. The attacks rely on … Read more
October 11, 2023 at 04:24PM The cybersecurity community anxiously awaited the disclosure of two security flaws in the open source proxy resolution tool, Curl. However, after patches and bug details were unveiled, neither vulnerability lived up to the hype. The first flaw could allow data corruption or remote code execution, but it only affects a … Read more
October 10, 2023 at 04:47PM Researchers have discovered a vulnerability in a library used by the GNOME desktop environment for Linux systems. Exploiting the vulnerability through a malicious link could allow attackers to take over machines. The issue lies in a dependency called “libcue” used by a default GNOME application called “tracker-miners.” The researchers have … Read more