Major US Carrier Exposed Credit Card Information in Plain Text
A significant security oversight at a major US telecommunications provider allowed an employee to access sensitive customer data, including credit card information, without encryption.
Category Security & Privacy
Ciberseguridad, vulnerabilidades y privacidad
Google Denies Bug Bounty for Unresolved Kubernetes Vulnerability
A researcher reported a significant vulnerability in Google Cloud's Kubernetes operator, which could allow unauthorized access to cloud resources. Despite initial acknowledgment, Google later denied a bug bounty and has yet to issue a fix.
Cybercrime Surges to Over 30% of All Crime in Asia and South Pacific
Interpol's latest report reveals that cyber offenses now constitute more than a third of all crime in the Asia and South Pacific region, driven by advanced scams and AI-enabled attacks.
Crypto Clipper Campaign Exploits Fake Reviews and AI Narrators
A recent campaign has been uncovered that uses deceptive tactics to promote a cryptocurrency clipboard hijacker, targeting unsuspecting users through manipulated online platforms.
Cisco Catalyst SD-WAN Manager Vulnerability Under Active Exploitation
A critical vulnerability in Cisco's Catalyst SD-WAN Manager is currently being exploited, allowing attackers to gain root privileges. Cisco has issued a patch, but the flaw remains a concern for users.
Chinese Hackers Exploit Google Workspace to Steal Sensitive Emails
A China-linked espionage group has infiltrated North American research networks, using a backdoor on REDCap servers to exfiltrate sensitive emails via Google Workspace.
Microsoft Addresses Firmware Flaw in Surface Devices
A firmware vulnerability in Microsoft Surface devices that allowed them to be rendered inoperable has been mostly patched, following its identification through the company's Copilot AI.
AI Coding Agents Encounter Compliance Issues with Jqwik Tool
The author of the jqwik Java testing tool has implemented measures to prevent AI coding agents from using the software, resulting in unexpected deletions of tests and code for those who ignored the warnings.
Former IT Employee Sentenced for Sabotaging School District Systems
Ezekiel Dean Potter, a former IT worker at Saydel Community School District, has been sentenced to 21 months in prison for a series of malicious acts against the district's systems following his termination.
NanoClaw Partners with JFrog to Enhance AI Agent Security
NanoClaw has integrated with JFrog to enable AI agents to securely download resources from vetted registries, addressing concerns about untrusted content.
