Viry a Červi
These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb
The German Federal Office for Information Security (BSI) has issued an urgent alert about the poor state of Microsoft Exchange Server patching in the country.…
AI hallucinates software packages and devs download them – even if potentially poisoned with malware
In-depth Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.…
Execs in Japan busted for winning dev bids then outsourcing to North Koreans
Two executives were issued arrest warrants in Japan on Wednesday, reportedly for charges related to establishing a business that outsourced work to North Korean IT engineers.…
China encouraged armed offensive against Myanmar government to protest proliferation of online scams
The military junta controlling Myanmar has struggled to control all of its territory thanks in part to China backing rebel forces as a way of expressing its displeasure about cyberscam centers operating from the country.…
Apple fans deluged with phony password reset requests
Apple device owners, consider yourselves warned: a targeted multi-factor authentication bombing campaign is under way, with the goal of exhausting iUsers into allowing an unwanted password reset.…
Majority of Americans now use ad blockers
More than half of Americans are using ad blocking software, and among advertising, programming, and security professionals that fraction is more like two-thirds to three-quarters.…
'Thousands' of businesses at mercy of miscreants thanks to unpatched Ray AI flaw
Thousands of companies remain vulnerable to a remote-code-execution bug in Ray, an open-source AI framework used by Amazon, OpenAI, and others, that is being abused by miscreants in the wild to steal sensitive data and illicitly mine for cryptocurrency.…
Meta accused of snarfing people's Snapchat data via traffic decryption
To spy on rival Snapchat and get data on how the app was being used, Meta – when it was operating as Facebook – allegedly initiated a program called Project Ghostbusters, which intercepted data traffic from mobile apps. And it used that data to harm its competitors' ad business.…
Miscreants are exploiting enterprise tech zero days more and more, Google warns
The discovery and exploitation of zero-day vulnerabilities in enterprise-specific software and appliances appears to be outpacing the leveraging of zero-day bugs overall, judging by Google's latest research.…