#acer

By Waqas New AI-Dodging Phishing Attack AI Security and Exploits Machine Learning. This is a post from HackRead.com Read the original post: Cybercriminals Beta Test New Attack to Bypass AI Security

By Deeba Ahmed While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach. This is a post from HackRead.com Read the original post: Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached

### Summary An attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. ### Details The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. The core issue is located in [expireOldFailedAttempts](https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311) function: ```go func expireOldFailedAttempts(maxAge time.Duration, failures *map[string]LoginAttempts) int { expiredCount := 0 for key, attempt := range *failures { if time.Since(attempt.LastFailed) > maxAge*time.Sec...

MSMS-PHP version 1.0 suffers from a remote shell upload vulnerability.

A global network of violent predators is hiding in plain sight, targeting children on major platforms, grooming them, and extorting them to commit horrific acts of abuse.

Membership Management System version 1.0 suffers from a remote SQL injection vulnerability.

Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.

By Deeba Ahmed According to cybersecurity firm Pen Test Partners, Livall’s smart helmets had an inherent flaw that could lead to… This is a post from HackRead.com Read the original post: Smart Helmets Flaw Exposed Millions to Risk of Hacking and Surveillance

Members of Congress say the DOJ is funding the use of AI tools that further discriminatory policing practices. They're demanding higher standards for federal grants.

In Traceroute versions 2.0.12 through to 2.1.2, the wrapper scripts mishandle shell metacharacters, which can lead to privilege escalation if the wrapper scripts are executed via sudo. The affected wrapper scripts include tcptraceroute, tracepath, traceproto, and traceroute-nanog. Version 2.1.3 addresses this issue.