News

Zabbix disclosed a critical SQL injection vulnerability (CVE-2024-42327) in the CUser.get function in their open-source network monitoring tool. The vulnerability could be exploited by anyone with “a non-admin user account…

Costa Rican energy provider Refinadora Costarricense de Petróleo (RECOPE) reverted to manual operations last week following a ransomware attack. RECOPE “imports, refines and distributes fossil fuels across the country while…

Researchers from the Sysdig Threat Research Team detected a campaign that targeted exposed Git configuration files to steal over 15,000 cloud account and email service credentials. The threat actors reportedly…

MITRE's Center for Threat-Informed Defense, in collaboration with 15 private-sector organizations to develop the AI Incident Sharing Initiative. The project is part of MITRE’s Adversarial Threat Landscape for Artificial-Intelligence Systems…

According to a report in The Wall Street Journal, a threat actor group with ties to China’s government has broken into the networks of several US broadband providers. Known as…

Cyber threat actors with ties to North Korea’s government have allegedly broken into the network of German air defense system manufacturer Diehl Defence. According to Der Spiegel, the hackers gained…

Kuwait’s Health Ministry announced on Wednesday, September 25, that it had suffered a cyberattack. The incident has disrupted services at several hospitals and has also affected the Health Ministry’s website…

Researchers have found a vulnerability in a Kia web portal that can be exploited to take control of multiple Internet-connected features of Kia automobiles. With the use of the vulnerability…

On September 26, NVIDIA released updates to address two vulnerabilities in NVIDIA Container Toolkit and GPU Operator. Wiz Research detected the issues. Both flaws are Time-of-check Time-of-Use (TOCTOU) race condition…