Tag: exploits
-
Cisco Talos Blog: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
Source URL: https://blog.talosintelligence.com/static-tundra/ Source: Cisco Talos Blog Title: Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices Feedly Summary: A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering. AI Summary and Description: Yes Summary: The text provides…
-
The Register: Boffins say tool can sniff 5G traffic, launch ‘attacks’ without using rogue base stations
Source URL: https://www.theregister.com/2025/08/18/sni5gect/ Source: The Register Title: Boffins say tool can sniff 5G traffic, launch ‘attacks’ without using rogue base stations Feedly Summary: Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up-…
-
Embrace The Red: Data Exfiltration via Image Rendering Fixed in Amp Code
Source URL: https://embracethered.com/blog/posts/2025/amp-code-fixed-data-exfiltration-via-images/ Source: Embrace The Red Title: Data Exfiltration via Image Rendering Fixed in Amp Code Feedly Summary: In this post we discuss a vulnerability that was present in Amp Code from Sourcegraph by which an attacker could exploit markdown driven image rendering to exfiltrate sensitive information. This vulnerability is common in AI applications…
-
Slashdot: AI Is Reshaping Hacking. No One Agrees How Fast
Source URL: https://it.slashdot.org/story/25/08/16/1936221/ai-is-reshaping-hacking-no-one-agrees-how-fast Source: Slashdot Title: AI Is Reshaping Hacking. No One Agrees How Fast Feedly Summary: AI Summary and Description: Yes Summary: The text discusses advancements in AI agents presented at the Black Hat conference, highlighting how these innovations could potentially enhance the capabilities of cybersecurity defenders. However, it also underscores the duality of…
-
Cisco Talos Blog: UAT-7237 targets Taiwanese web hosting infrastructure
Source URL: https://blog.talosintelligence.com/uat-7237-targets-web-hosting-infra/ Source: Cisco Talos Blog Title: UAT-7237 targets Taiwanese web hosting infrastructure Feedly Summary: Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918. AI Summary and Description: Yes Summary: The text discusses the activities of UAT-7237, a Chinese-speaking advanced persistent…
-
The Cloudflare Blog: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations
Source URL: https://blog.cloudflare.com/madeyoureset-an-http-2-vulnerability-thwarted-by-rapid-reset-mitigations/ Source: The Cloudflare Blog Title: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations Feedly Summary: A new HTTP/2 denial-of-service (DoS) vulnerability called MadeYouReset was recently disclosed by security researchers. Cloudflare HTTP DDoS mitigation, already protects from MadeYouReset. AI Summary and Description: Yes Summary: The text discusses a newly identified HTTP/2 DoS…
-
The Register: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
Source URL: https://www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/ Source: The Register Title: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks Feedly Summary: A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… AI Summary and Description:…