Cloud
-
Discovery of Malicious Go Packages Exposes Supply Chain Vulnerabilities
Recent cybersecurity research highlights a critical vulnerability in the Go programming ecosystem with the discovery of 11 malicious packages designed for covert data exfiltration on Windows and Linux systems. The malware exploits the decentralized nature of Go modules, undermining developer confidence.
-
Critical Amazon ECS Vulnerability Exposed: Researchers Present ECScape Attack Method
A critical vulnerability in Amazon Elastic Container Service (ECS) has been discovered, enabling attackers to exploit an ‘end-to-end privilege escalation chain.’ Dubbed ECScape by researchers, the attack could allow malicious containers to gain higher privileges and access sensitive data within cloud environments.
-
Vulnerability in macOS Spotlight Exposes User Data
A vulnerability in macOS, known as CVE-2025-31199, has been revealed, allowing attackers to exploit Spotlight plugins to access protected user data, including sensitive files cached by Apple Intelligence. Apple has issued a patch to address the flaw.
-
Cybersecurity Experts Discover Stealthy Backdoor in WordPress Sites
Cybersecurity researchers have uncovered a dangerous backdoor embedded in WordPress sites’ mu-plugins directory, giving hackers persistent access to execute commands without detection.
-
Cloudflare Confirms 1.1.1.1 Outage Stemmed from Internal Misconfiguration, Not Attack
Cloudflare confirmed that a recent outage of its 1.1.1.1 Resolver service was caused by an internal misconfiguration, dismissing concerns of a cyberattack or BGP hijack. The incident led to significant disruptions for users globally, with full restoration achieved within hours.
-
Louis Vuitton Investigates Data Breach Affecting UK Customers Amid Ongoing Cybersecurity Concerns
Luxury fashion house Louis Vuitton is investigating a data breach that has exposed customer information tied to its UK operations. This breach is the third linked to LVMH brands in recent months, raising concerns about security practices across the luxury retail sector.
-
NVIDIA Alerts Users on Rowhammer Vulnerability Affecting GDDR6 GPUs
NVIDIA is warning users to enable System Level ECC to mitigate the risk of Rowhammer attacks on GPUs with GDDR6 memory, following recent research demonstrating the vulnerability on the A6000 model.
-
New Vulnerability in ServiceNow Exposes Sensitive Data to Low-Privileged Users
A newly identified vulnerability in ServiceNow, known as Count(er) Strike, allows low-privileged users to access sensitive data improperly, prompting urgent calls for enhanced security measures from enterprises using the platform.
-
Ingram Micro Confirms Ransomware Attack Amid Ongoing IT Outage
Ingram Micro is facing a significant cybersecurity crisis due to a ransomware attack that has resulted in a multi-day IT outage, seriously disrupting services for customers and partners globally. The company is working with cybersecurity experts to manage the breach and restore operations.
-
Cisco Issues Urgent Update to Address Critical Vulnerability in Unified Communications Manager
Cisco has issued an urgent security alert regarding a critical vulnerability in its Unified Communications Manager systems, urging users to upgrade to new software updates to prevent potential exploitation.
