The Breach News

Exim TLS Vulnerability Exposes Email Servers to Remote Root Code Execution Attacks

A serious remote code execution vulnerability has been identified in Exim, a widely used open-source email server. This flaw potentially exposes over half a million email servers to attacks from remote threat actors. The Exim team responded by issuing a patch, updating the software to version 4.92.2, following an early…


A Hacker Group is Compromising Open Source Code on an Unmatched Scale

A recent software supply chain attack has underscored the growing prevalence of cyber threats, as hackers have successfully infiltrated legitimate software to embed malicious code. Once a rare occurrence, such incidents have become increasingly frequent, transforming once-trusted applications into potential vulnerabilities within victim networks. A particularly notorious group of cybercriminals,…


LiteLLM CVE-2026-42208 SQL Injection Exploited Within 36 Hours of Announcement

Critical Vulnerability Discovered in LiteLLM Python Package, Exploitation Initiated Within 36 Hours

In a recent cybersecurity incident, a serious vulnerability has been identified in the LiteLLM Python package developed by BerriAI. This flaw, cataloged as CVE-2026-42208, has been linked to an SQL injection issue that can allow malicious actors to…


Facebook Resolves Memory Disclosure Issues in HHVM Servers Linked to JPEG Images

Facebook has recently addressed two critical vulnerabilities in its server application that could expose sensitive information to remote attackers through the upload of maliciously crafted JPEG files. These vulnerabilities lie within the HipHop Virtual Machine (HHVM), an open-source virtual machine designed for executing the PHP and Hack programming languages, which utilizes a…


Bipartisan Proposal Aims to Eliminate Nationwide Police License Plate Tracking

Legislation Poses Risk to Automated License Plate Reader Programs Nationwide

In a significant legislative move, US lawmakers are set to propose an amendment aimed at restricting the usage of automated license plate readers (ALPR) across the nation. Scheduled to be introduced during a House committee markup hearing on Thursday, this…


Microsoft Releases Updates to Fix 4 Critical Vulnerabilities in Windows RDP Client

Microsoft has unveiled its monthly Patch Tuesday update for September 2019, addressing 79 security vulnerabilities across various software products. Notably, this release includes 17 critical vulnerabilities, 61 important, and one categorized as moderate. Two of the vulnerabilities are designated as “publicly known” at the time of distribution; one of these…


Google Releases Exploit Code Posing Threat to Millions of Chromium Users

Exploit Code Released for Unpatched Chromium Vulnerability

On Wednesday, Google disclosed exploit code for an unresolved vulnerability within its Chromium browser framework, impacting millions of users across popular browsers including Chrome and Microsoft Edge. This vulnerability, which has persisted for 29 months without a patch, poses significant risks for users…


Two Cybersecurity Experts Sentenced to Four Years for Involvement in BlackCat Ransomware Attacks

The U.S. Department of Justice has announced the sentencing of two cybersecurity professionals, Ryan Goldberg from Georgia and Kevin Martin from Texas, to four years in federal prison each for their involvement in facilitating BlackCat ransomware attacks that occurred throughout 2023. Their actions targeted numerous victims across the United States…


NetCAT: New Exploit Enables Remote Data Theft from Intel CPUs

Recent research has unveiled a new side-channel vulnerability in Intel processors that allows remote exploitation without the need for malware or physical access to the targeted machine. This vulnerability, referred to as **NetCAT** (Network Cache ATtack), poses a significant risk by potentially enabling cyber attackers to extract sensitive information, such…
