Malicious AI Models Evade Detection on Hugging Face Platform
ReversingLabs found two malicious models on Hugging Face. Pickle files were used to embed harmful web shells. Hugging Face enhanced…
Ransomware Payments Drop Significantly in 2024
Ransom payments fell by 35% in 2024. Disruption of major groups contributed to the decline. Organizations strengthened their cybersecurity defenses.
Industry Leaders Stand by CVSS Despite Criticisms
CVSS remains essential in vulnerability assessment. Experts defend its continued use despite flaws. Alternative systems offer complementary insights.
Google Addresses Critical Vulnerabilities in February Android Update
Google's update fixes 47 Android vulnerabilities. Critical flaws in UVC and Qualcomm WLAN fixed. Timely patching is essential for device…
Researchers Uncover Security Risks in Abandoned AWS S3 Buckets
Abandoned AWS S3 buckets pose significant security threats. Various global organizations interacted with these neglected assets. Proactive cloud management is…
XE Group Shifts Tactics to Zero-Day Exploits
XE Group moved from credit-card skimming to zero-day vulnerabilities. Their focus now includes global supply chains in manufacturing sectors. Vulnerabilities…
WhatsApp Halts Spyware Attack Targeting Journalists and Activists
WhatsApp disrupted a spyware attack targeting 90 individuals. Paragon, linked to the attack, was recently acquired by AE International. The…
US Government Agencies Face Cryptojacking Attacks
US federal agencies, including USAID, are targeted by cryptojacking. Cryptojacking degrades system performance and increases operational costs. Enhanced security measures…
Senate Raises Concerns Over FBI Nominee’s Cybercrime Strategy
Senate questions FBI nominee Kash Patel's cybercrime plans. Patel's proposal to repurpose FBI headquarters raises concerns. Debate highlights the future…
US and Dutch Authorities Crack Down on Pakistan Cybercrime Ring
International agencies dismantle HeartSender cybercrime network. Operation Heart Blocker seized 39 domains and servers. Significant disruption limits phishing and cyberattacks.
