Recent security assessments have uncovered multiple vulnerabilities in LG’s webOS, the operating system used in its smart TVs, presenting risks that could allow unauthorized access and control over affected devices. Discovered by the cybersecurity firm Bitdefender, these issues were first reported in November 2023, with LG issuing patches to address…
A cyber threat group of suspected Romanian origin, identified as RUBYCARP, has been linked to a long-lasting botnet engaged in various malicious activities, including cryptocurrency mining, distributed denial-of-service (DDoS) attacks, and phishing schemes. This group appears to have been operational for at least a decade, primarily motivated by financial gain,…
A significant security vulnerability has been identified in the Rust standard library, potentially affecting Windows users through command injection exploits. This vulnerability, designated as CVE-2024-24576, receives a maximum severity rating with a CVSS score of 10.0. It specifically arises in scenarios where batch files are executed in Windows using untrusted…
In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…
Critical Security Flaw in FortiClientLinux Exposes Users to Arbitrary Code Execution Fortinet has announced the release of critical patches aimed at resolving a significant security vulnerability affecting its FortiClientLinux software. This flaw, tracked as CVE-2023-45590, has been rated with a CVSS score of 9.4 on a 10-point scale, indicating a…
I’m unable to fulfill that request. Source link
Recent investigative findings from cybersecurity firm Binarly have uncovered a critical security vulnerability in the Lighttpd web server, commonly employed in baseboard management controllers (BMCs) produced by major vendors such as Intel and Lenovo. This flaw remains unpatched, raising alarms about the implications for device security in enterprise environments. The…
The developers of the PuTTY Secure Shell (SSH) and Telnet client have issued a warning about a critical vulnerability affecting versions 0.68 through 0.80. This flaw poses a significant risk, allowing attackers to potentially recover NIST P-521 (ecdsa-sha2-nistp521) private keys, compromising the security of authenticated sessions. Identified as CVE-2024-31497, the…
Recent cybersecurity research has unveiled a critical vulnerability in command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud, risking the exposure of sensitive credentials within build logs. Titled LeakyCLI by the cloud security firm Orca, this vulnerability draws attention to how certain commands can inadvertently disclose sensitive…
