Saturday, May 10 2025

Uncategorized

Google Open Sources “Vanir” Security Patch Validation Tool

Google has announced Vanir, an open-source tool for detecting and fixing security vulnerabilities, publicly available for developers. Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together …

Patch urgently: Over 100 Cisco switches impacted

A bootloader vulnerability in Cisco NX-OS affects over 100 switches, enabling attackers to bypass image signature checks. Cisco issued security patches for the vulnerability CVE-2024-20397 (CVSS score of 5.2) in NX-OS software’s bootloader, which could allow attackers to bypass image signature verification. “A vulnerability in the bootloader of Cisco NX-OS …

TP-Link Archer Security Flaw Exposes Devices to Malicious Command Injection

A serious zero-day vulnerability has been found in TP-Link Archer, Deco, and Tapo routers, which could let attackers inject harmful commands and take full control of the devices. This vulnerability affects both old and recent firmware versions of popular router models, raising serious security concerns for users until November 4, …

Maxar Space Data Leak: Company Admits Breach, Investigation Ongoing

Maxar Space Systems has verified a major data breach that exposed certain information about current and former workers. The breach, in mid-October 2024, raised major cybersecurity concerns after a hacker used a Hong Kong IP address to attack the company’s systems. Maxar said it discovered the breach on ‘October …

Fortinet Releases Updates for Various Products

Fortinet has issued security updates for several products, including FortiOS, to fix vulnerabilities that could allow cyber attackers to take control of affected systems. CISA encourages users and administrators to review the following advisories and apply necessary updates. FG-IR-23-396 ReadOnly Users Could Run Some Sensitive Operations: A client-side enforcement of …

Developer alert: Malicious ‘fabrice’ Package Steals AWS Credentials

The Socket Research Team has discovered a malicious package named “fabrice,” pretending to be the legitimate fabric SSH automation library. Since its introduction on PyPI in 2021, fabrice has been stealing AWS credentials from users who mistakenly installed it. With over 37,000 downloads, this incident underscores ongoing risks of malware …
