Xerox Corporation has issued an urgent security advisory regarding critical vulnerabilities in its FreeFlow Core software version 8.0.4. These flaws could allow malicious actors to perform server-side request forgery (SSRF) attacks and execute remote code on affected systems, posing a significant threat to organizations relying on this software. The issues affect FreeFlow Core version 8.0.4…

Continue Reading

Cybersecurity researchers from Eclypsium in recent analysis have uncovered a serious vulnerability affecting certain Lenovo webcams that run on Linux-based firmware. This flaw allows an attacker with remote access to reflash the device’s firmware, turning it into a covert attack tool capable of injecting keystrokes or establishing persistent backdoors — all without physical access. The…

Continue Reading

Security researchers recently received a series of zero-click vulnerabilities in Windows that could turn critical infrastructure into a global botnet. In a presentation at DEF CON 33, the world’s largest hacking convention, SafeBreach Labs researchersrevealed a new class of exploits dubbed the “Win-DoS Epidemic.” These flaws, found across core Windows components, enable attackers to crash…

Continue Reading

In its recent security advisory, Juniper Networks has addressed a series of critical vulnerabilities affecting Juniper Secure Analytics (JSA), a tool designed to help enterprises monitor, analyze, and protect their network infrastructure. This update resolves multiple security issues that could have potentially severe consequences for organizations relying on JSA for network security management. These issues…

Continue Reading

Recent research by cybersecurity company Modat uncovered a significant concern with healthcare devices connected to the internet. Over 1.2 million devices were found to be accessible without proper security controls, presenting risks that expose sensitive patient data, including medical images and personal information, to unauthorized parties. Their research used advanced scanning tools to identify vulnerable…

Continue Reading

Project Ire is a new AI-powered system designed to autonomously analyze and classify software files for malicious activity. Developed by Microsoft through collaboration between Microsoft Research and cybersecurity teams, this system aims to improve the speed and accuracy of malware detection across vast numbers of files. Project Ire is an autonomous AI agent capable of…

Continue Reading

WhatsApp has announced a range of new tools and safety tips aimed at helping users recognize and avoid scams. The platform has introduced new safety features aimed at alerting users when they are targeted by scams. One such feature shows a safety overview when someone not in your contacts adds you to a new group.…

Continue Reading