The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. “The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis. “More than 1,600 victims were affected … Read more
A serious security vulnerability has been found in popular stalkerware apps, exposing the sensitive personal information and communications of millions of people. Stalkerware is a type of spyware, frequently used to spy on every message sent or received by a romantic partner, learn who they are speaking to on their phone, learn their location, or … Read more
A flaw rated “critical” in Nvidia server tools could potentially allow attackers to compromise AI servers.Researchers with Wiz identified the flaw last year, which could allow an attacker to escape a container and execute high level commands or view data from other containers on the host machine.Administrators are being advised to update their Nvidia Container … Read more
An unpatched vulnerability in the Ivanti Connect Secure VPN has been under active attack. Researchers with Google’s Mandiant Cloud security team said that one or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks. The flaw, originally exploited as a zero-day vulnerability, has since been given an emergency patch and … Read more
Dec 27, 2024Ravie LakshmananVulnerability / Software Security The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and … Read more