Blog
Critical Vulnerability Found in Ray AI Framework
CVE-2023-48023 is rooted in the fact that, in its default configuration, Ray does not enforce authentication, and does not appear to support any type of authorization model.
Critical Vulnerability Found in Ray AI Framework
CVE-2023-48023 is rooted in the fact that, in its default configuration, Ray does not enforce authentication, and does not appear to support any type of authorization model.
Critical Vulnerability Found in Ray AI Framework
CVE-2023-48023 is rooted in the fact that, in its default configuration, Ray does not enforce authentication, and does not appear to support any type of authorization model.
GoTitan Botnet – Ongoing Exploitation on Apache ActiveMQ
The attacker initiates a connection to ActiveMQ through the OpenWire protocol, typically on port 61616. By transmitting a crafted packet, the attacker triggers the system to unmarshal a class under their control.
Critics of Serbia’s government targeted with ‘military-grade spyware’
The Serbians had been targeted about a minute apart from each other on or about 16 August 2023. Researchers discovered traces of the attempted attack, which sought to take advantage of a possible vulnerability in iPhone’s HomeKit application.
Hackers Spent Over Two Years Stealing Secrets of Chipmaker NXP
The breach wasn’t uncovered until Chimera intruders were detected in a separate company network that connected to compromised NXP systems on several occasions. Details of the breach remained a closely guarded secret until now.
Hospital Chain Hit With Ransomware Attack
Ardent proactively took its network offline, suspending all user access. Some facilities are rescheduling non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online.
Update: Daixin Team Claimed the Hack of North Texas Municipal Water District
The Daixin Team group added NTMWD to the list of victims on its Tor leak site. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it.
Ethyrial: Echoes of Yore hacked! 17,000 game accounts “lost”
All 17,000 user accounts and characters have been lost in this hack. BUT We will personally, manually restore every item, level, title, pet, etc. that was lost during this event when the servers are back up.
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin...
FREE GUIDE