Aggregator

谷歌 2024 年漏洞赏金计划，1200 万美元奖励安全研究人员，诚邀白帽黑客找bug

A vulnerability was found in djeet Finale Lite Plugin up to 2.19.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-12589. The attack may be launched remotely. There is no exploit available.

关于哪些职业会受到AI冲击的讨论从未停止，而渗透测试（Pentesting）最近也被推到了风口浪尖。

平均每人可领取超13万元

Luchtverdedigings- en commandofregat Zr.Ms. De Ruyter heeft gisteren een Tomahawk-raket gelanceerd. Dat gebeurde voor de kust van het Amerikaanse Norfolk. Het was voor het eerst dat een Nederlands marineschip dit type raket afschoot.

A threat actor operating under the alias “Rey” has allegedly compromised the internal systems of Jaguar Land Rover (JLR), one of the United Kingdom’s most prominent automotive manufacturers, and leaked approximately 700 internal documents containing sensitive technical and operational data.  The breach, first announced on a dark web forum frequented by cybersecurity researchers and malicious […]

The post Jaguar Land Rover Allegedly Hacked – Threat Actor Leaked 700 Internal Documents appeared first on Cyber Security News.

Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects and executes when developers build these projects. This is the first known XCSSET variant since 2022, featuring enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies designed to steal sensitive information from macOS users. The […]

The post New XCSSET Malware Attacking macOS Users With Enhanced Obfuscation appeared first on Cyber Security News.

台积电向英伟达、AMD 和博通公司发出成立合资企业的提议，该合资企业将运营英特尔的芯片工厂，台积电负责芯片制造业务的运营，其持股比例不超过 50%。高通公司也是台积电积极推销该计划的对象之一。关于英特尔的任何交易都需要特朗普政府的批准，特朗普政府不希望由外资完全拥有英特尔或其芯片制造业务。英特尔、台积电、英伟达、AMD 和高通都拒绝置评这一报道。芯片巨头的市值过去一年下跌了一半以上，2024 年净亏损 188 亿美元。报道称，英特尔拒绝将其芯片设计和制造业务分开出售。而台积电希望合资企业的投资者也将成为公司的主要客户。

A sophisticated malware campaign leveraging artificial intelligence to create deceptive GitHub repositories has been observed distributing SmartLoader payloads that ultimately deploy Lumma Stealer, a dangerous information-stealing malware.  This operation exploits GitHub’s trusted reputation to bypass security defenses, targeting users seeking gaming mods, cracked software, and cryptocurrency tools through AI-generated documentation and strategically obfuscated scripts. GitHub […]

The post Beware! AI-Assisted Fake GitHub Repositories Steal Sensitive Data Including Login Credentials appeared first on Cyber Security News.

Как распределят миллионы, изъятые у IT-мошенников.

A threat actor known as “Rey” has come forward on a prominent dark web forum, claiming responsibility for a significant cyberattack on Jaguar Land Rover. The British multinational automotive company, renowned for its luxury and off-road vehicles, is said to have suffered a data breach that has exposed a substantial amount of internal data. Details […]

The post Jaguar Land Rover Allegedly Hacked – 700 Internal Documents Including Source Code Leaked appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in uncannyowl Uncanny Automator Plugin up to 6.2 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to server-side request forgery. This vulnerability is known as CVE-2024-13838. The attack can be launched remotely. There is no exploit available.