Pierluigi Paganini
March 29, 2023
OpenAI addressed multiple severe vulnerabilities in the popular chatbot ChatGPT that could have been exploited to take over accounts. OpenAI addressed multiple severe vulnerabilities in ChatGPT that could have allowed attackers to take over user accounts and view chat histories. One of the issues was a “Web Cache Deception” vulnerability reported by the bug bounty […]
Pierluigi Paganini
March 28, 2023
Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did […]
Pierluigi Paganini
March 27, 2023
Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with […]
Pierluigi Paganini
March 26, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and […]
Pierluigi Paganini
March 26, 2023
Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass. A remote, unauthenticated attacker can exploit the flaw to […]
Pierluigi Paganini
March 25, 2023
On the third day of the Pwn2Own Vancouver 2023 hacking contest, the organization awarded $185,000 for 10 zero-day exploits. Pwn2Own Vancouver 2023 is ended, contestants disclosed 27 unique zero-days and the organization awarded a total of $1,035,000 and a Tesla Model 3. The team Synacktiv (@Synacktiv) (Benoist-Vanderbeken, David Berard, Vincent Dehors, Tanguy Dubroca, Thomas Bouzerar, […]
Pierluigi Paganini
March 24, 2023
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of early-stage ransomware attacks. The principle behind the initiative is simple, ransomware actors initially gain access […]
Pierluigi Paganini
March 24, 2023
A patch for a critical vulnerability in the WooCommerce Payments plugin for WordPress has been released for over 500,000 websites. On March 23, 2023, researchers from Wordfence observed that the âWooCommerce Payments â Fully Integrated Solution Built and Supported by Wooâ plugin had been updated to version 5.6.2. The WooCommerce Payments plugin is a fully integrated […]
Pierluigi Paganini
March 23, 2023
Cisco addressed tens of vulnerabilities in its IOS and IOS XE software, six of these issues have been rated âhigh severityâ. Cisco published the March 2023 Semiannual IOS and IOS XE Software Security Advisory that addresses several vulnerabilities in IOS and IOS XE software. Below is the list of flaws addressed by the IT giant […]
Pierluigi Paganini
March 22, 2023
Entertainment industry giant Lionsgate leaked users’ IP addresses and information about what content they watch on its movie-streaming platform, according to research from Cybernews. Original post at https://cybernews.com/security/lionsgate-data-leak/ During their investigation, our researchers discovered that the video-streaming platform Lionsgate Play had leaked user data through an open ElasticSearch instance. The Cybernews research team discovered an […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
