Dec 23, 2024Ravie LakshmananMachine Learning / Threat Analysis Cybersecurity researchers have found that it’s possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. “Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or
Technology
Google is reportedly planning to add a new artificial intelligence (AI) feature to its Search. As per the report, the Mountain View, California-based tech giant is working on an AI Mode on Google Search that will allow users to access a conversational interface for searched queries. However, this feature is said to be different from
Dec 23, 2024Ravie LakshmananGDPR / Data Privacy Italy’s data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of
AirPods Pro 3 are expected to launch as a successor to the AirPods Pro (2nd generation), which were unveiled in 2022. The earphones were upgraded with hearing aid capabilities in September 2024 via a software update. Apple is expected to pack several health-tracking features in the third generation of AirPods Pro. An analyst has now claimed that the
Dec 20, 2024Ravie LakshmananCISA / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8),
iPhone 14 and iPhone 14 Plus are no longer listed for purchase in Switzerland, and the company is expected to discontinue sales of its smartphones across the European Union (EU), two years after they were launched, according to a report. The company will stop selling another smartphone that was also introduced in 2022 — the
Dec 20, 2024Ravie LakshmananFirewall Security / Vulnerability Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have
OnePlus Open 2 is expected to launch next year, as the company’s second foldable smartphone. The Chinese smartphone maker did not launch a successor to the first-generation OnePlus Open in 2024, and a tipster has now shed some light on when we can expect the handset to be unveiled. It is expected to make its
A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department
Alphabet Inc.’s Google called a US Justice Department plan to force it to sell its web browser “extreme” and at odds with the law, urging a federal court judge to take caution lest he stifle innovation and future investment. In a court filing late Friday, Google responded to the DOJ’s request and proposed its own
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of
Samsung has announced price cuts and discounts for its latest Galaxy wearables lineup ahead of Christmas. The Galaxy Watch Ultra and Galaxy Watch 7 are offered at discounted prices as part of the festival sale. Besides smartwatches, the Galaxy Buds 3 series are also getting price cuts. Customers purchasing the Galaxy Ring during the offer period can avail
In the middle of November, roughly four weeks ago, the first of a deluge of reports appeared complaining of large numbers of drones the size of SUVs hovering at night with their lights on over New Jersey. Later more of these reports came in from New York State and Connecticut. And the number of these drone reports
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular
OpenAI added support for several note-taking and coding apps within the ChatGPT app for macOS on Thursday. The AI firm described this feature as agentic and highlighted that the chatbot will be able to read on-screen information in the supported apps and help users with queries. This feature is currently available to only the paid
Dec 20, 2024Ravie LakshmananVulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to
Honor Magic 7 Lite has been part of the rumour mill for quite some time now. Honor is yet to announce the launch of the new Magic series smartphone, but ahead of it, the handset has been listed on the Honor Italy website revealing its colour options and RAM and storage details. The listing shows
Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively. “While
McDonald’s India reportedly left the personal data of its customers and drivers exposed due to a security flaw. As per the report, the vulnerabilities arose due to bugs in the application programming interface (API) of the restaurant franchise’s delivery system. The entire McDonald’s India West and South divisions were said to be affected by this
Dec 18, 2024Ravie LakshmananCyber Attack / Vulnerability Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug
- 1
- 2
- 3
- …
- 263
- Next Page »