Technology

Jul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed

Microsoft’s partnership with OpenAI could face an EU antitrust investigation as regulators singled out their exclusivity clauses while Google’s artificial intelligence deal with Samsung also triggered scrutiny. EU antitrust regulators will seek additional third-party views, EU competition chief Margrethe Vestager said on Friday. The moves underscore the unease among regulators worldwide on Big Tech leveraging

Jul 01, 2024NewsroomMobile Security / Spyware The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. “These APKs continue the group’s trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts,

Apple is said to be developing plans for a more affordable version of the Vision Pro – its first-ever mixed reality (MR) headset. While no release date has been revealed and the device isn’t even official, it is speculated to launch by the end of 2025. According to a recent report, this new headset may

Jun 28, 2024NewsroomNetwork Security / Data Protection A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user’s web activity. “SnailLoad exploits a bottleneck present on all Internet connections,” the researchers said in a study released this

Apple is exploring the use of new technology that will ease the process of replacing the battery on future iPhone models, according to a report. The Cupertino company was previously said to be reworking the design of its battery casing, which could be used as part of the company’s efforts to simplify the process of

The modern kill chain is eluding enterprises because they aren’t protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven’t revised their security programs or adopted security tooling built for SaaS. Security teams keep jamming

Infinix Note 40S 4G is expected to be launched by the company in the coming weeks, and the company has already revealed the upcoming smartphone’s specifications. The Note 40 series was launched in India earlier this year, and the upcoming 4G handset will feature some of the same specifications, along with a familiar design —

Jun 29, 2024NewsroomCybersecurity / Website Security Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner. “Over the past several years, publicly disclosed incident reports

The United States and India have extended a standstill agreement on U.S. retaliation over India’s digital-services tax until Sunday, aligning it with a fast-approaching deadline for a global deal to reallocate taxing rights on the world’s biggest and most profitable companies, the U.S. Treasury said on Friday. In a brief announcement, the Treasury said that

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3,

OnePlus Watch 2 was launched in India earlier this year and now the wearable debuted in China with a few design tweaks and eSIM connectivity. It features a 1.43-inch AMOLED display and runs on Snapdragon W5 Gen 1 chipset alongside the BES2700 chip. It is offered in two colour options and is backed by a

Jun 28, 2024NewsroomCyber Espionage / Cyber Attack The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the

Truecaller announced an insurance protection plan to protect users against mobile frauds on Thursday. The plan, dubbed Truecaller Fraud Insurance, is being offered to the paid subscribers of the app on both Android and iOS. The new plan is currently only available in India, and will be rolled out in other regions later. The caller

Jun 28, 2024NewsroomMalware / Cryptocurrency Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid

CMF Phone 1 is set to make its debut on July 8 alongside the CMF Buds Pro 2 and CMF Watch Pro 2. The Nothing sub-brand is actively sharing teasers about the components used in its upcoming handset, which is expected to arrive in the competitive budget segment. Most recently, CMF has disclosed the chipset

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat’s transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation. “With its latest updates to the crypto miner, ransomware payload, and rootkit elements, it

Figma, the website and app design platform, introduced a user interface (UI) redesign and multiple new artificial intelligence (AI) features, on Wednesday. The company is calling the new look UI3 as this is the third significant redesign of the platform since its launch in closed beta in 2016. Alongside, a suite of new AI features

Jun 27, 2024The Hacker NewsArtificial Intelligence / SaaS Security While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing’s research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration

Samsung Galaxy Z Flip 6 and Galaxy Z Fold 6 are expected to debut in the coming days as the latest foldable phones from the South Korean tech conglomerate. On Wednesday, Samsung announced that its next Galaxy Unpacked event of the year would take place on July 10, and the company has now opened pre-order