China-linked APT Volt Typhoon remained undetected for years in US infrastructure
China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years.…
Security
Cisco fixes critical Expressway Series CSRF vulnerabilities
CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco…
CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog.…
Fortinet addressed two critical FortiSIEM vulnerabilities
Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code…
Experts warn of a critical bug in JetBrains TeamCity On-Premises
A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances. JetBrains addressed…
Digital Experience Monitoring | What Is DEM?
Introduction to Digital Experience Monitoring: Illuminating the Basics In an era governed by technology, the satisfaction of an end-user is…
Critical shim bug impacts every Linux boot loader signed in the past decade
The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The…
Teaching LLMs to Be Deceptive
Interesting research: “Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training“: Abstract: Humans are capable of strategically deceptive behavior:…
China-linked APT deployed malware in a network of the Dutch Ministry of Defence
China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence…
Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG
Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. The latest…