Security
Headlines
HeadlinesLatestCVEs

Latest News

Ubuntu Security Notice USN-7114-1

Ubuntu Security Notice 7114-1 - It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior.

Packet Storm
Open in Source
#vulnerability#ubuntu
Ubuntu Security Notice USN-7104-1

Ubuntu Security Notice 7104-1 - It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure.

Ubuntu Security Notice USN-7113-1

Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

We Can Do Better Than Free Credit Monitoring After a Breach

Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail.

Free AI editor lures in victims, installs information stealer instead on Windows and Mac

A widespread social media campaign for EditProAI turns out to spread information stealers for both Windows and MacOS users.

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The

Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info

Protect traveler data with these tips: use VPNs, manage app permissions, and secure travel documents. Travel companies should…

AI is everywhere, and Boomers don’t trust it 

ChatGPT, Google Gemini, and Meta AI may be everywhere, but Baby Boomers don't trust the tech or the companies behind it.

Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack

A critical vulnerability in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft…