相關新聞 | HKCERT

OWASP Discloses a Data Breach Due to Wiki Misconfiguration

In late February 2024, the Foundation received a few support requests and became aware of a misconfiguration of OWASP’s old Wiki web server. The misconfiguration led to a data breach involving old member resumes.

Cyware News 2024年04月02日 93 觀看次數

Red Hat warns of backdoor in XZ tools used by most Linux distros

Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found in the latest XZ Utils data compression tools and libraries.

Bleeping Computer 2024年04月02日 110 觀看次數

Shopping platform PandaBuy data leak impacts 1.3 million users

Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems.

Bleeping Computer 2024年04月02日 111 觀看次數

Free VPN apps on Google Play turned Android phones into proxies

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. [...]

Bleepingcomputer 2024年03月27日 129 觀看次數

Hackers poison source code from largest Discord bot platform

The Top.gg Discord bot community with over 170,000 members has been impacted by a supply-chain attack aiming to infect developers with malware that steals sensitive information. [...]

Bleepingcomputer 2024年03月26日 178 觀看次數

It's not just you: ChatGPT is down for many worldwide

OpenAI's ChatGPT is down for many people worldwide, with users facing multiple problems, including being unable to access their accounts, having their chat history come up empty, and the chat screens not loading properly. [...]

Bleepingcomputer 2024年03月26日 198 觀看次數

Google's new AI search results promotes sites pushing malware, scams

Google's new AI-powered 'Search Generative Experience' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams. [...]

Bleepingcomputer 2024年03月25日 131 觀看次數

Mozilla Fixes Two Firefox Zero-Day Bugs Exploited at Pwn2Own

Mozilla fixed the security flaws in Firefox 124..1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.

Cyware News 2024年03月23日 99 觀看次數

Here's why Twitter sends you to a different site than what you clicked

Users of the social media platform X (formerly Twitter) have often been left puzzled when they click on a post with an external link but arrive at an entirely unexpected website from the one displayed in the post.

Bleeping Computer 2024年03月21日 171 觀看次數

New ‘Loop DoS’ attack may impact up to 300,000 online systems

A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic.

Bleeping Computer 2024年03月21日 135 觀看次數