Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. “When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published […]
Monthly Archives: January 2025
A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks. The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could […]
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. […]
DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. […]
29
Jan
Jan
AI is moving closer to the edge, and Copilot+ PCs are leading the way. With the availability of cloud hosted DeepSeek R1 available on Azure AI Foundry, we’re bringing NPU-optimized versions of DeepSeek-R1 directly to Copilot+ PCs, starting with Qualcomm Snapdragon X first, followed by Intel Core Ultra 200V and others. The first release, DeepSeek-R1-Distill-Qwen-1.5B […]
29
Jan
Jan
AI holds immense possibilities for not just cybersecurity — but economic and national security.
29
Jan
Jan
In 2024, we continued to invest in more ways to protect our community and fight bad actors, so billions of people can trust the apps they download from Google Play and m…
Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. […]
AI Usage Statement: This research was done with Claude Desktop, Web Search, Web Document Fetch, and Sequential Thinking. Claude wrote the report, under the direction of Kurt Seifried and validated by ChatGPT. Methodology, templates, and raw conversation are available upon request. January 2025 marked a fundamental shift in our understanding of AI development. DeepSeek, a […]
Microsoft is investigating an ongoing outage preventing users and admins from accessing some Microsoft 365 services and the admin center. […]