The Breach News

Flawed Rowhammer Solutions on DDR4 DRAM Chips Reactivate Bit Flipping Vulnerabilities

The Rowhammer vulnerability has resurfaced as a significant concern for modern dynamic random access memory (DRAM) chips, enabling attackers to escalate privileges within targeted systems by exploiting memory access patterns that result in unintended bit flips. This critical issue arises from continuous access to specific memory rows, raising the potential…


Vulnerable Robot Lawn Mower Opens the Door to New Concerns

Cramming for finals has become increasingly challenging, especially when educational platforms experience unexpected shutdowns. Recently, numerous students across the United States faced significant disruptions when Canvas entered “maintenance mode” due to a ransomware attack on its parent company, Instructure. The hacking group known as ShinyHunters has claimed responsibility for the…


Adobe Issues Urgent Updates for Acrobat Reader, Photoshop, Bridge, and ColdFusion

In a significant move outside of the regular Patch Tuesday schedule, Adobe has released an extensive set of out-of-band software updates aimed at addressing a total of 41 newly discovered security vulnerabilities across six different products. This proactive approach follows Adobe’s recent communication regarding an impending security update for its…


Severe RCE Vulnerability Impacts Millions of OpenWrt-based Networking Devices

In a significant cybersecurity revelation, a researcher has unveiled critical technical details regarding a remote code execution vulnerability impacting OpenWrt, a commonly utilized Linux-based operating system for network devices such as routers and gateways. This vulnerability, cataloged as CVE-2020-7982, is tied to the OPKG package manager’s flaw in its integrity…


Chaos Unfolds as Cyberattack Disrupts Canvas Learning Platform During Finals

Cyberattack Disrupts US Educational Institutions Amid Final Exams

A significant cyberattack impacted schools and universities across the United States on Thursday, coinciding with student final exams. The online learning platform, Canvas, which is widely used in educational settings, experienced substantial disruptions as students prepared for crucial assessments. Instructure, the parent…


CISA Alerts: Patched Pulse Secure VPNs May Still Leave Organizations Vulnerable to Hackers

The United States Cybersecurity and Infrastructure Security Agency (CISA) has recently issued an advisory urging organizations to update all Active Directory credentials to enhance security against cyberattacks exploiting a known remote code execution (RCE) vulnerability within Pulse Secure VPN servers, regardless of whether they have applied patches. This warning follows…


Severe SaltStack RCE Vulnerability (CVSS Score 10) Impacts Thousands of Data Centers

Two critical security vulnerabilities have recently been uncovered in the open-source **SaltStack Salt configuration framework**, posing significant risks to servers operating in both data center and cloud settings. These vulnerabilities could potentially enable threat actors to execute arbitrary code remotely. The vulnerabilities, disclosed by F-Secure researchers this past Thursday, were…


Introducing Rassvet: Russia’s Response to Starlink

In late March, Russian company Bureau 1440 successfully launched the first 16 satellites of its broadband internet constellation known as Rassvet, which observers have compared to SpaceX’s Starlink. This initiative aims to establish a global internet network, potentially masking larger strategic objectives, including military and communication control. The launch occurred…
