OWASP has released its updated list of the top 10 vulnerabilities in smart contracts for 2025. This guide highlights the most critical vulnerabilities and provides developers and security professionals with a roadmap to reduce risks in decentralized systems. The OWASP Smart Contract Top 10 lists the most common vulnerabilities in …
Read More »
Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs) from memory. This vulnerability underscores the risks associated with physical access attacks and highlights potential weaknesses in memory protection mechanisms. The attack revolves around capturing the contents of a computer’s …
Read More »
A major security flaw in Craft CMS, a popular PHP content management system, has been found, enabling unauthenticated remote code execution (RCE) with default settings. The vulnerability CVE-2024-56145 was reported by security researchers and quickly patched by the Craft CMS team within 24 hours. PHP has improved over the years …
Read More »
The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they may be linked to cyberattacks and pose a national security risk. TP-Link, which holds a 65% market share in the U.S. for high-speed cable modems, routers, and smart home devices, …
Read More »
Nearly half of the high school’s female students were victimized in AI based deepfake the images and videos. The students and the parents were shocked at the incident while knowing the fact. According to wgal, on November 8, Friday morning students of the school staged a walkout to protest of …
Read More »
A whistleblower from OpenAI, Suchir Balaji, an Indian-American ex-researcher at OpenAI who criticized the company’s practices, was found dead in his San Francisco apartment on November 26. Anandabazar said, Primarily the police suspect it to be a case of suicide. Balaji, who left OpenAI in August after four years, was …
Read More »
Oasis Security discovered a flaw in Microsoft’s Multi-Factor Authentication (MFA) system, allowing attackers to bypass it and access user accounts, including Outlook, OneDrive, Teams, and Azure. With over 400 million Office 365 users, the impact of this vulnerability could be significant. Research team claim, “The bypass was simple: it took …
Read More »
Facebook, Instagram and threads are experiencing technical issues, causing temporary disruptions worldwide. Many users are having trouble messaging, and Meta has not yet commented on the cause of the outage. Around 11:30 pm on Wednesday, many users experienced login issues with the web version of WhatsApp, receiving a ‘service not …
Read More »
A federal court in Hammond, Indiana, has unsealed an indictment against Guan Tianfeng, a Chinese citizen, for allegedly hacking firewall devices globally in 2020. Guan and his co-conspirators, employed by Sichuan Silence Information Technology Co. Ltd., targeted a previously unknown vulnerability (an “0-day” vulnerability) in firewalls produced by U.K.-based Sophos …
Read More »
Thousands of AWS customers had terabytes of sensitive data, including personal details, AWS credentials, and proprietary code, compromised in a cyber attack linked to the ShinyHunters hacking group. They gained access to sensitive information through poorly set up systems, resulting in over 2 TB of compromised data. Cybersecurity researchers Noam …
Read More »
InfoSecBulletin Cybersecurity for mankind