Research Exposes Cryptographic Vulnerabilities in E2EE Cloud Storage Systems
Researchers from ETH Zurich, Jonas Hofmann and Kien Tuong Truong uncovered significant security flaws in five popular end-to-end encrypted (E2EE) clo…
Research
SnailLoad - New Side-Channel Network Latency Attack
Researchers at Graz University of Technology have unveiled a novel side-channel attack technique named " SnailLoad ." This innovative appr…
Mandiant Uncovers China-Linked Cyberattack Campaign
Mandiant researchers have shed light on the extensive cyberattacks conducted by a suspected Chinese state-sponsored hacking group known as UNC3886. …
Major Keyboard Apps Leak User Keystrokes to Network Eavesdroppers
In a startling new report , researchers at Citizen Lab have revealed critical vulnerabilities in popular mobile keyboard apps used by over a billion …
Newly Uncovered "Branch History Injection" Attack Bypass Spectre Mitigations
A team of cybersecurity researchers has unveiled a new variant of the notorious Spectre v2 vulnerability , dubbed " Branch History Injection &qu…
Microsoft Falls Short in Email Security, Research Reveals
A recent report by VIPRE Security Group reveals that email-based threats have undergone significant changes in 2024, necessitating the adoption of ad…
New Research Exposes Privacy Risks of WebGPU Browser API
A team of academics has published a research paper demonstrating how the WebGPU API, designed to boost graphics performance in web browsers, can be a…
New Flaw in Apple, AMD, and Qualcomm GPUs Could Expose AI Data
A new vulnerability called LeftoverLocals has been discovered that allows attackers to steal sensitive data processed on graphics processing units (…
'Zero-Click' Bluetooth Attacks Pose Serious Threat Across Major Operating Systems
Bluetooth technologies power wireless keyboards, mice, game controllers and other peripherals used by billions of devices worldwide. However new rese…
New 'Mayhem' Attack Bypasses Security in OpenSSH, OpenSSL and MySQL via Fault Injection
A new paper titled " Mayhem: Targeted Corruption of Register and Stack Variables " reveals a critical security vulnerability that could all…
Researchers say MOVEit Bug is not just SQL injection, its RCE
Since Thursday, cybersecurity experts have raised alarms about the new vulnerability — tagged as CVE-2023-34362 — affecting Progress Software’s MOVE…
Operation Triangulation: Unveiling A Sophisticated Cyberattack Campaign Targeting iOS Devices
An insidious cyber campaign named ' Operation Triangulation ' has been unveiled by cybersecurity firm Kaspersky. The campaign has been ongoin…
ÆPIC Leak — Flaws in Intel CPU that Leaks Sensitive Data
A couple of researchers from Sapienza University of Rome and Graz University of Technology have discovered a new vulnerability dubbed " ÆPIC Lea…
New 'Ducktail' Malware Hijacking Facebook Business Accounts
Security vendor 'WithSecure' F-Secure’s enterprise security arm published the report on an ongoing operation (dubbed "DUCKTAIL") th…
"SATAn" — A New Way to Exfiltrate Data from Air-Gapped PCs using SATA cables
Security researchers at the Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel, have discovered a…
Hertzbleed — New Side-Channel Attack Affects Intel, AMD CPUs
A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys from remote servers that were previously belie…
NotGitBleed: Credentials Leaks on GitHub and Other Datastores
A security consulting and education company, MDSec labs have discovered the misconfiguration and human error called " NotGitBleed ", which …