Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Fake Betting Apps Using AI-Generated Voices to Sensitive Data

Group-IB has discovered that cybercriminals are using fake betting apps and ads with AI-generated voices to steal personal information and money. Discover the tactics used by scammers and how to avoid falling victim to these fraudulent schemes.

HackRead
Open in Source
#web#mac#windows#microsoft#git#c++#auth
How To Get Your Startup Off The Ground Amid Cybersecurity Threats

When looking to create a business, one of the most important things to consider is how you will…

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. The covert campaign undertaken by Social Design Agency (SDA), leverages videos enhanced using artificial intelligence (AI) and bogus websites impersonating reputable news sources

Protecting Tomorrow's World: Shaping the Cyber-Physical Future

The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025, we explored the different factors shaping the cyber-physical future. In an insightful conversation with industry experts, we discussed

GHSA-x4x5-jx9j-mmv7: pyspider Cross-site Scripting vulnerability

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Data broker exposes 600,000 sensitive files including background checks

A researcher has discovered a data broker had stored 644,869 PDF files in a publicly accessible cloud storage container.

Propertyrec Leak Exposes Over Half a Million Background Check Records

Summary A critical data security lapse has left a massive trove of personal information vulnerable, raising concerns about…

New episode “In The Trend of VM” (#9): 4 trending vulnerabilities of October, scandal at The Linux Foundation, social “attack on the complainer”, “Ford’s method” for motivating IT specialists to fix vulnerabilities

New episode “In The Trend of VM” (#9): 4 trending vulnerabilities of October, scandal at The Linux Foundation, social “attack on the complainer”, “Ford’s method” for motivating IT specialists to fix vulnerabilities. The competition for the best question on the topic of VM continues. 😉🎁 📹 Video on YouTube, LinkedIn🗞 Post on Habr (rus)🗒 Digest […]

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

### Impact Timing attacks on Galois Field multiplications in this package. Successful exploitation would effectively allow a downgrade of the security guarantees of the XTS mode to the security guarantees of ECB mode, allowing block swapping, enabling identification of identical blocks, and rendering half of the XTS key obsolete. Timing attacks require specific conditions to be exploitable. ### Patches Patched in 2024.11.26 ### Workarounds Upgrade the package ### References https://en.wikipedia.org/wiki/Timing_attack

'Operation Undercut' Adds to Russia Malign Influence Campaigns

Just like Russia's Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.