Security News

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

2024-05-16 16:02

Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and...

#attack #eavesdropping #vulnerability #wifi #CVE-2023-52424

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

2024-05-16 11:14

New versions of Git are out, with fixes for five vulnerabilities, the most critical of which can be used by attackers to remotely execute code during a "Clone" operation.CVE-2024-32002 is a critical vulnerability that allows specially crafted Git repositories with submodules to trick Git into writing files into a.git/ directory instead of the submodule's worktree.

#vulnerability #critical #RCE #CVE #GIT #CVE-2024-32021 #CVE-2024-32004 #CVE-2024-32002 #CVE-2024-32020 #CVE-2024-32465

Is an open-source AI vulnerability next?

2024-05-16 05:30

Let's explore why open-source AI security is lacking and what security professionals can do to improve it. First, it's essential to acknowledge that AI is not something different from software; it is software.

#AI #opensource #vulnerability

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

2024-05-16 03:01

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947,...

#chrome #google #vulnerability #zeroday #CVE-2024-4947

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

2024-05-14 13:51

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked...

#chrome #CVE #exploitation #vulnerability #zeroday #CVE-2024-4761

Another Chrome Vulnerability

2024-05-14 11:01

Google has patched another Chrome zero-day: On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability carries a severity rating of 8.8 out of 10. In...

#chrome #vulnerability #CVE-2024-4671

How AI affects vulnerability management in open-source software

2024-05-13 04:00

In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch management has been the coupling between security patches and other code changes.

#AI #management #opensource #vulnerability

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

2024-05-10 10:23

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability...

#browser #chrome #patch #update #vulnerability #zeroday #CVE-2024-4671

When is One Vulnerability Scanner Not Enough?

2024-05-02 10:25

Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware...

#vulnerability

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

2024-05-02 06:15

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in...

#cisa #exploitation #gitlab #vulnerability #CVE-2023-7028

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News