Chinese researchers, led by Wang Chao from Shanghai University, have cracked RSA encryption using quantum computers. This achievement raises serious concerns about the future of cryptographic systems, as quantum computers can now threaten long-standing methods of global data security. The Research Breakthrough: Cracking RSA Encryption A study in the Chinese …

On Sunday, the Shadowserver Foundation revealed that over 87,000 internet-facing Fortinet devices may still be at risk due to (CVE-2024-23113) vulnerability. About CVE-2024-23113: CVE-2024-23113, a format string vulnerability that affects the FortiOS FGFM (FortiGate to FortiManager) daemon and can be triggered via specially crafted requests, was discovered and reported by …

A new sophisticated scam is targeting Gmail users, using artificial intelligence to manipulate them into giving away account access. This “super realistic AI scam call” includes fake recovery notifications, spoofed phone numbers, and convincing AI voices to trick users. The scam usually starts with an unexpected Gmail account recovery notification …

RansomHub targets Bangladeshi Confidence group of companies limited. The rapidly growing RansomHub ransomware group set time to release the data. The time remaining 4 days to release while publishing the report. According to the RansomHub ransomware group post, they are going to publish 350GB of confidence group data after the …

OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection, and spear-phishing. The report confirms that since the start of the year, generative AI tools are being used to improve offensive cyber operations. OpenAI’s latest report reveals that Chinese and …

Nearly 32 million records and about 110 TB of data from Trackman users were left exposed online. This database included user names, email addresses, device information, IP addresses, and security tokens. Security researcher Jeremiah Fowler discovered the vulnerability and reported it to Website Planet, noting that the database lacked password …

CISA has issued a warning about a vulnerability in unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM) module. This issue poses a risk for organizations using F5 BIG-IP, as it can be exploited by cybercriminals. CISA warns that cybercriminals are using unencrypted persistent cookies to discover details …

GitLab, a premier platform for DevOps and continuous integration/continuous delivery has rolled out essential security updates in versions 17.4.2, 17.3.5 and 17.2.9 for both community Edition (CE) and enterprises edition (EE). These updates tackles several important vulnerabilities, notably a critical severity flaw (CVE: 2024-9164) that could enable attackers to execute …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, …

Palo Alto Networks released a security advisory (PAN-SA-2024-0010) about several high-severity vulnerabilities in its Expedition migration tool, with CVSS scores between 7.0 and 9.9. Exploiting these flaws could allow attackers to take over firewall admin accounts and access sensitive information like usernames, cleartext passwords, and API keys for PAN-OS firewalls. …