This weekly cybersecurity recap highlights active exploits and critical vulnerabilities in widely used products from Apple, WinRAR, and .NET, along with emerging threats such as OAuth scams, sophisticated phishing campaigns, and state-sponsored cyber espionage, and emphasizes the urgent need for timely security updates and vigilance.
Security firm Bitdefender discovered software vulnerabilities in LG smart TVs, impacting about 91,000 devices worldwide and potentially allowing hackers to hijack the TVs. The bugs could grant invasive privileges, including the ability to gain root access, fully take over the TV, and access personal data. LG released a patch for the issues as part of its latest update on March 22, so users should ensure their TV is updated to the latest software version to protect against exploitation.
Over 15,000 Go module repositories on GitHub are vulnerable to repojacking, an attack technique that takes advantage of GitHub account username changes and deletions to recreate repositories under the same name and stage open-source software supply chain attacks. These repositories account for at least 800,000 Go module-versions. Go modules are particularly susceptible to repojacking because module paths resolve directly to repositories rather than through a central registry. GitHub has implemented countermeasures, but they are not effective for Go modules. Mitigating repojacking at scale is up to Go or GitHub; in the meantime, Go developers are advised to be cautious about the modules they use. Additionally, 1,681 exposed API tokens on Hugging Face and GitHub have been discovered, potentially enabling supply chain attacks, training data poisoning, and model theft.
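One defence Go developers already have against a republished module is the content checksum pinned in go.sum: if a repository is recreated under the same name with different contents, the h1: hash no longer matches. The following added example (not code from the page or from any of the projects it mentions) reimplements Go's dirhash Hash1 in Python over an in-memory module tree and checks it against a go.sum pin; the module path, version and file contents are constructed for illustration.

```python
import base64
import hashlib


def go_h1_hash(files: dict, module: str, version: str) -> str:
    """Compute Go's "h1:" module checksum (golang.org/x/mod/sumdb/dirhash Hash1).
    files maps a relative path inside the module to its bytes. Each file is
    listed as "<sha256 hex>  <module>@<version>/<path>\n" in sorted order, and
    the checksum is the base64 SHA-256 of that summary."""
    prefix = f"{module}@{version}"
    summary = ""
    for rel in sorted(files):
        digest = hashlib.sha256(files[rel]).hexdigest()
        summary += f"{digest}  {prefix}/{rel}\n"
    return "h1:" + base64.b64encode(hashlib.sha256(summary.encode()).digest()).decode()


def parse_go_sum(text: str) -> dict:
    """Parse go.sum lines of the form "module version h1:..." into a dict
    keyed by (module, version). Lines ending in "/go.mod" keep that suffix."""
    pins = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            pins[(parts[0], parts[1])] = parts[2]
    return pins


def verify_module(go_sum: str, module: str, version: str, files: dict) -> bool:
    """Return True only when the fetched module tree matches its go.sum pin."""
    expected = parse_go_sum(go_sum).get((module, version))
    return expected is not None and expected == go_h1_hash(files, module, version)


# Constructed sample: a hypothetical module as first published ...
MODULE, VERSION = "github.com/example-owner/tool", "v1.0.0"
ORIGINAL_FILES = {
    "go.mod": b"module github.com/example-owner/tool\n\ngo 1.21\n",
    "tool.go": b"package tool\n\nfunc Run() string { return \"ok\" }\n",
}
# ... and the same path re-published with altered content after the
# original GitHub username was freed and re-registered.
TAMPERED_FILES = dict(ORIGINAL_FILES)
TAMPERED_FILES["tool.go"] = b"package tool\n\nfunc Run() string { return \"changed\" }\n"

# go.sum as it would have been recorded when the original module was first used.
GO_SUM = f"{MODULE} {VERSION} {go_h1_hash(ORIGINAL_FILES, MODULE, VERSION)}\n"

if __name__ == "__main__":
    print("original matches go.sum:", verify_module(GO_SUM, MODULE, VERSION, ORIGINAL_FILES))
    print("republished matches go.sum:", verify_module(GO_SUM, MODULE, VERSION, TAMPERED_FILES))
```

The check only protects builds that already carry a go.sum entry for the module; a first-time fetch of a repojacked path has nothing to compare against, which is why the advice above is to vet new modules before adding them.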
Russia's Federal Security Service (FSB) has accused the US National Security Agency (NSA) of using previously unknown malware to access specially made backdoor vulnerabilities in Apple phones. The FSB said that several thousand Apple phones had been infected, including those of domestic Russian subscribers, as well as telephones belonging to foreign diplomats based in Russia and the former Soviet Union, including those from NATO members, Israel, Syria and China. The FSB said the plot showed the close relationship between Apple and the NSA, the US agency responsible for US cryptographic and communications intelligence and security.