Security News

Filter by:

Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing.
Bleeping Computer 17 Feb 2025 1441 Views

This open text-to-speech model needs just seconds of audio to clone your voice

El Reg shows you how to run Zyphra's speech-replicating AI on your own box Hands on  Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of...
The Register 17 Feb 2025 5134 Views

Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps

PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more! Infosec In Brief  A security researcher has found that Google could leak the email addresses of YouTube channels, which wasn’t good because the search and ads giant...
The Register 17 Feb 2025 4442 Views

Hacker leaks account data of 12 million Zacks Investment users

Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. [...]
Bleepingcomputer 14 Feb 2025 1317 Views

SonicWall firewall exploit lets hackers hijack VPN sessions, patch now

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]
Bleepingcomputer 11 Feb 2025 1445 Views

Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file...
The Hacker News 8 Feb 2025 10384 Views

Critical Cisco ISE bug can let attackers run commands as root

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root. [...]
Bleepingcomputer 7 Feb 2025 1789 Views

7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine

Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files.
Ars Technica 6 Feb 2025 1655 Views

AMD fixes bug that lets hackers load malicious microcode patches

​AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. [...]
Bleepingcomputer 6 Feb 2025 1928 Views

Google releases responsible AI report while removing its anti-weapons pledge

The company's annual reflection on safe AI development comes amid shifting guidance around military AI.
ZDnet 6 Feb 2025 2115 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY