Recent research by Wiz Security has identified a significant chain of vulnerabilities within NVIDIA’s Triton Inference Server, a widely used platform for deploying AI models at scale. When exploited in sequence, these flaws could enable unauthenticated attackers to gain full control over affected servers, leading to remote code execution (RCE). The vulnerabilities, assigned CVE (Common

Continue Reading

The Mozilla Foundation, creators of the Firefox browser, has issued an important warning for developers and users about a new phishing campaign targeting Mozilla Add-ons (AMO) accounts. These fake emails that appear to be from Mozilla or AMO, often claiming that your account needs an update or verification to continue accessing developer features. These messages

Continue Reading

Bitdefender has identified critical security vulnerabilities in the firmware of the Dahua Hero C1 (DH-H4C) smart camera series. These vulnerabilities, affecting the device’s ONVIF protocol and file upload handlers, could allow unauthenticated attackers to remotely execute arbitrary commands, potentially taking full control of the device. The vulnerabilities were verified on a Dahua Hero C1 (DH-H4C)

Continue Reading

Pi-hole, a trusted and widely adopted open-source network security solution, experienced a security incident involving the inadvertent exposure of user information submitted through its donation page. The breach was limited to names and email addresses; no payment details or verified personal information were compromised. The exposure occurred when donor names and email addresses entered via

Continue Reading

WordPress sites using the AI Engine plugin should be aware of a recently discovered security vulnerability that could allow malicious actors to upload arbitrary files and potentially take control of affected websites. On July 18th, 2025, a security report submitted to Wordfence revealed an Arbitrary File Upload vulnerability in the AI Engine plugin, which is

Continue Reading

The Cybersecurity and Infrastructure Security Agency (CISA), working alongside Sandia National Laboratories, has announced that Thorium is now available for public use. This platform is designed to help cybersecurity teams automate file analysis and improve the efficiency of their threat detection workflows. Scalable Solution for Modern Cybersecurity Challenges Thorium is a distributed platform that brings

Continue Reading

Users and organizations are increasingly rely on generative AI (artificial intelligence) tools to streamline workflows, enhance productivity, and handle sensitive data. But new security threats are emerging, some of which could have serious consequences. Recent research highlights a growing vulnerability with AI usage and browser extensions, which can be exploited to manipulate prompts and exfiltrate

Continue Reading

Public charging stations have always been considered a convenient way to power up devices on the go. However, recent cybersecurity research reveals a disturbing new threat—called Choicejacking—that turns these stations into data-stealing traps, often without the user even realizing it. For years, “juice jacking” has been a known security concern. Hackers infected charging stations or

Continue Reading