A team of researchers has disclosed information on a fresh flaw in Intel CPUs that lets attackers steal encryption keys and other sensitive data from the processors. The vulnerability, known as ” ÆPIC Leak,” is the first of its type…
Multiple UWB RTLS (real-time locating systems) vulnerabilities have been found by security researchers, giving threat actors the ability to conduct man-in-the-middle attacks and modify tag geo-location data. RTLS technology is widely employed in industrial settings, public transportation, healthcare, and applications…
It’s time for a manual update if you use Zoom on a Mac. The most recent version to the video conferencing software closes a bug in the auto-update feature that may have given malicious apps elevated installation privileges and system…
Flashpoint anticipates that the final numbers will be comparable, despite the fact that the number of breaches reported in the first half of 2022 was less than those for the same period in 2021. In addition to compromising sensitive information,…
The Córdoba Judiciary in Argentina has shut down its IT systems following a ransomware attack, which was allegedly carried out by the new ‘Play’ ransomware operation. The incident took place on Saturday, August 13th, and forced the Judiciary to shut…
Introduction Titan M, a security chip included by Google in its Pixel smartphones starting with the Pixel 3, was examined over the course of the previous 18 months by Mr. Damiano Melotti, Mr. Maxime Rossi Bellom, and Mr. Philippe Teuwen.…
Nearly 1,900 Signal users’ phone numbers were made public as a result of the data breach Twilio, a cloud communications provider, had at the beginning of the month. For Signal, Twilio offers phone number verification services. Last week, the company…
Discord RCE Because Discord was being used for their Prototype Pollution study collaboration, the electrovolt team made the decision to pwn it. Since Discord uses ElectronJS for its desktop application, they must admit that at the time they started studying…
How PostgreSQL-as-a-Service solutions from GCP, Azure, and other providers were found to have numerous connected vulnerabilities. The cloud has an isolation problem Tenant isolation is a core tenet of the cloud, and Wiz Research did substantial research on it over…
Unsigned third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypassing of the UEFI Secure Boot feature have been found to have a security feature bypass vulnerability. Hardware security company Eclypsium stated in a report shared with The Hacker…
