Technology

Jan 24, 2025Ravie LakshmananVulnerability / JavaScript The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug

Meta Platforms Inc. is working on upgrades to its popular smart glasses and is exploring new wearable devices such as watches and camera-equipped earbuds, aiming to embed its artificial intelligence features into more products. The effort includes developing Oakley-branded smart glasses for athletes this year, according to people with knowledge of the matter. Meta’s devices

The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People’s Republic of Korea (DPRK) in violation of international sanctions. The action

iPhone 17 series — comprising the purported iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max — could arrive without any major changes to the Dynamic Island this year, according to a market analyst. The latest claim contradicts previous claims that Apple would reduce the size of the Dynamic Island, which

The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this dependence on SaaS solutions

Xiaomi 15 Ultra is expected to launch in the coming weeks, as the company’s top-of-the-line model in the flagship series. Previous reports suggest that the handset will be equipped with a Snapdragon 8 Elite and a quad rear camera setup. Now, a tipster has leaked a hands-on image of the purported Xiaomi 15 Ultra, giving

Jan 24, 2025Ravie LakshmananTelecom Security / Vulnerability A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network. The 119 vulnerabilities, assigned 97 unique CVE identifiers, span

Anthropic introduced a new application programming interface (API) feature on Thursday to let developers ground the responses generated by artificial intelligence (AI) models. Dubbed Citations, the feature allows developers to restrict the output generation of the Claude family of AI models to source documents. This is aimed at improving the reliability and accuracy of the

Jan 24, 2025Ravie LakshmananBiometric / Mobile Security Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. “When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you’re outside of trusted

Samsung once again teased its upcoming extended reality (XR) headset, dubbed ‘Project Moohan’, this time at the Galaxy Unpacked 2025 event in San Jose, California on Wednesday. During the announcement, a silhouette of an XR headset graced the screen with an appearance remarkably similar to the Apple Vision Pro. While the South Korean technology conglomerate

Jan 23, 2025Ravie LakshmananFirmware Security / Vulnerability An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These weren’t obscure, corner-case vulnerabilities,” security vendor Eclypsium said in a report shared with The Hacker News. “Instead these

Samsung Galaxy S25 Edge — previously referred to as the S25 Slim — was officially teased at the 2025 Galaxy Unpacked event on Wednesday. The company launched the flagship Samsung Galaxy S25, Galaxy S25+ and Galaxy S25 Ultra handsets on the same day. The upcoming Galaxy S25 Edge variant is expected to be thinner than the other Galaxy S25 series phones.

Jan 23, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It has been described as a privilege

Samsung on Wednesday unveiled its latest range of Galaxy smartphones globally at its Galaxy Unpacked event. In India, Samsung will bring all of its newly launched models, which include the Galaxy S25 Ultra, which continues to offer the S Pen functionality this year, as well as the Samsung Galaxy S25 and the slightly larger Galaxy

Jan 22, 2025Ravie LakshmananCybersecurity / National Security The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS). “In alignment with the Department of Homeland Security’s (DHS) commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our national security, I am directing

Rajan Bharti Mittal, Vice Chairman of Bharti Enterprises, said on Tuesday that its satellite telecom service was ready for rollout in India, and they were now waiting for the centre’s greenlight. “In India, we are waiting for, as you know, the spectrum allocation to be done. Both our stations are ready, one in Gujarat and

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. “The attackers replaced the legitimate installer with one that also deployed the group’s signature implant that we have named

After an Oppo executive recently teased the arrival of a new smartwatch on Weibo, two watch models have now been listed on a Chinese certification website. These wearables have distinct model numbers, colourways, and battery capacities. There are also some differences in their design, and both of these appear a bit different when compared to

Jan 21, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,”

Apple introduced the iPad Air lineup with an M2 chip at its ‘Let Loose’ event in May last year. Now, the Cupertino-based company is said to be preparing to launch its next-generation iPad Air. Ahead of any official confirmation from Apple, a new leak has revealed some of the potential names, display sizes and processors