IdentityKaspersky researchers punch holes in biometrics hardware securityShaun NicholsJune 12, 2024Kaspersky Lab researchers disclosed a number of vulnerabilities in a popular brand of biometrics scanners.
RansomwareBlack Basta exploits patched Windows privilege escalation bugSteve ZurierJune 12, 2024Security pros say while the bug was patched, many companies likely have not patched it because the bug had a CVSS score below 8.
Vulnerability ManagementCritical ‘low complexity’ Windows bug patched; Part of June 2024 Patch TuesdayShaun NicholsJune 11, 2024Microsoft's June Patch Tuesday system fixes include one critical Windows bug and dozens more flaws that experts advise users patch ASAP.
Application securityGitHub phishing campaign wipes repos, extorts victimsLaura FrenchJune 11, 2024A threat actor called Gitloker is exploiting GitHub’s mention notification system to fool victims.
RansomwarePHP flaw exploited by TellYouThePass ransomware campaignSteve ZurierJune 11, 2024Security pros say security teams need to patch right away because so many organizations use PHP.
Application securityVSCode extensions with malicious code installed 229M timesLaura FrenchJune 10, 2024Researchers issued an open letter to Microsoft requesting better security for its IDE marketplace.
Cloud SecurityHackers take aim at Snowflake in newly discovered cloud attacksShaun NicholsJune 10, 2024Customers of embattled IT services provider Snowflake are being targeted for attacks using stolen credentials.
Network SecurityNvidia patches five high-severity bugs in its softwareSteve ZurierJune 10, 2024Nvidia’s high-profile status in the market will lead to an increase in security research.
AI/MLMicrosoft rethinks Recall feature for Copilot after backlash over securityLaura FrenchJune 7, 2024The feature will no longer be on by default and will come with additional security measures.
Network SecurityPHP updates urged over critical vulnerability that could lead to RCEShaun NicholsJune 7, 2024Administrators are being advised to update their systems following the disclosure of a critical vulnerability in PHP