NGINX has been available since 2004 and the critical vulnerability that was uncovered is thought to have been present since 2008. The open source web server is a very popular tool for load balancing and serving static content, with estimates putting almost a third of the world’s most popular websites down as users.
While there is no official word as of yet and a decision has reportedly not been reached, inside sources at CISA say that high-level discussions about setting the time limit for remediating known critical vulnerabilities (KEVs) to just three days are taking place.
The level of trust that one can give to AI agents is once again in question, with recent news that Anthropic managed to include Claude Code source code in a software update for the world to see.
Google warns organizations should expect that, at minimum, threat actors that have already stolen encrypted materials will potentially be able to start cracking them with quantum computing techniques by 2029 in what will likely be the opening chapter of Q-Day.
Strava fitness app is once again in the news as a French officer seems to have obliviously used it during a run on the deck of France’s only aircraft carrier, giving away its position.
Foreign-made consumer-grade internet routers are now blocked from sale in the US by default, and will need to undergo a special approval process that comes with a thumbs-up from the DoW or DHS. While the ban applies globally, the main national security rationale is to reduce dependency on equipment coming from China.
The attack chain relies on three specific vulnerability elements: an open redirect from the main Claude website that makes a malicious URL look like a legitimate link to the AI, a prompt injection in the attack URL that is not visible to the end user, and a means by which to exfiltrate requested data via the Claude API.
Highly active threat actor making use of a new infostealer called DarkSword that incorporates zero-day vulnerabilities. The malware is an iOS exploit chain that is initiated simply by visiting an attack page with Safari.
The whistleblower claims that Solly’s plan for the alleged purloined social security data was to turn it over to his new employer, Fortune 500 firm Leidos. The anonymous source alleges that Solly copied the data in question from a thumb drive to a personal computer, then asked them about “sanitizing” it ahead of a planned upload to Leidos.
A Iran-linked “hacktivist” group that has been active since at least 2023 has struck again, this time the cyber attack caused damage to the business operations of major medtech firm Stryker.