Category: Cybersecurity

Windows update deadline reminder: Protect against vulnerabilities
Cybersecurity

Windows Update Deadline Reminder: July 30 – Don’t Miss Your Chance to Update Your PC with Microsoft Windows

  • Windows update deadline reminder: Users must update their Windows PCs by July 30 to protect against a known vulnerability exploited by attackers.
  • Microsoft Windows warning affects over a billion users, with security threats like the exploitation of Internet Explorer code.
  • Check Point and Trend Micro warned of a previously unknown threat targeting Windows 10 and 11 users through Internet Explorer vulnerabilities.
  • US government added the vulnerability to its Known Exploited Vulnerabilities catalog, urging users to update their systems.
  • CISA mandates US federal employees to update their Windows PCs by July 30 to prevent exploitation of the vulnerability.
Summarized Article:

https://www.forbes.com/sites/zakdoffman/2024/07/27/microsoft-windows-10-windows-11-warning-millions-must-update-by-july-30/

Secure Boot bypass UEFI flaw exposes devices
Cybersecurity

Secure Boot bypass UEFI exploit enables attackers to easily install malicious software

  • PKfail Secure Boot bypass allows attackers to install UEFI malware
  • UEFI device makers, including Acer, Dell, HP, and Lenovo, are affected by the PKfail issue
  • Leaked private keys from Intel Boot Guard and AMI have led to supply chain security incidents
  • Exploiting PKfail allows threat actors to bypass Secure Boot and deploy UEFI malware
  • Vendors advised to replace test keys with securely generated keys and users to apply security patches
Summarized Article:

https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/

Cybersecurity

Data breach reveals US spyware maker at the heart of Windows, Mac, Android, and Chromebook malware scandal

  • Data breach exposes US spyware maker Spytech behind Windows, Mac, Android, and Chromebook malware
  • Spytech’s spyware compromised over 10,000 devices globally since 2013, including Android, Chromebooks, Macs, and Windows PCs
  • Spytech’s CEO unaware of breach, spyware marketed for spousal surveillance, illegal to monitor devices without consent
  • Spyware sends keystrokes, web history, location data to dashboard controlled by installer, difficult to detect and remove
  • Breached data shows Spytech’s victims across Europe, US, Africa, Asia, Australia, Middle East; CEO hesitant on notifying victims
Summarized Article:

https://techcrunch.com/2024/07/25/spytech-data-breach-windows-mac-android-chromebook-spyware/

Windows BitLocker recovery issue: Microsoft warns users
Cybersecurity

Windows BitLocker recovery issue: July security updates cause PCs to enter BitLocker recovery mode

  • Microsoft warns of Windows BitLocker recovery issue after July 2024 security updates
  • Google reverses plan to eliminate third-party cookies in Chrome
  • New Play ransomware targets VMware ESXi VMs with Linux version
  • Telegram zero-day exploit allows sending malicious Android APKs as videos
  • Fake CrowdStrike fixes distribute malware and data wipers, with a ‘Content Validator’ bug identified
Summarized Article:

https://www.bleepingcomputer.com/news/microsoft/windows-july-security-updates-send-pcs-into-bitlocker-recovery/

Google tracking cookies disabled: Users gain control
Cybersecurity

Google tracking cookies disabled no more: Chrome to maintain tracking feature after years of attempts

  • Google has decided not to disable tracking cookies in Chrome, despite previous efforts to do so
  • The company will introduce a new experience allowing users to choose their tracking preferences when updating or first using Chrome
  • Google’s attempts to replace third-party cookies faced resistance from privacy advocates, trade regulators, and the advertising industry
  • New technologies like Federated Learning offer potential alternatives to traditional tracking methods
  • Google’s shift in strategy from FLoC to a Topics API aims to give users more control over their data while still serving advertisers
Summarized Article:

https://arstechnica.com/gadgets/2024/07/google-will-not-disable-tracking-cookies-in-chrome-after-years-of-trying/

Apple UK child images linked to predators
Cybersecurity

Apple UK Under Fire for Neglecting to Report Child Sexual Images, Watchdog Alleges

  • Apple UK implicated in more cases of predators sharing child abuse imagery in England and Wales than reported globally in a year
  • Apple accused of failing to effectively monitor platforms for child sexual abuse material (CSAM)
  • NSPCC accuses Apple of vastly undercounting instances of CSAM on its products
  • Apple reported 267 suspected CSAM cases globally in 2023, significantly lower than peers like Google and Meta
  • Concerns raised over Apple’s decision to not implement iCloud photo-scanning tool and launch AI system, risking increase in AI-generated CSAM and impact on child safety
Summarized Article:

https://www.theguardian.com/technology/article/2024/jul/22/apple-security-child-sexual-images-accusation

Microsoft EU Windows controversy: Blames EU for security deal limitations in 2009
Cybersecurity

Microsoft EU Windows controversy: Blaming the EU for Failing to Secure Windows

  • Microsoft blames the EU for inability to secure Windows due to 2009 deal
  • Deal with European Commission grants security software vendors equal access to Windows APIs
  • CrowdStrike incident highlights potential security risks with open APIs
  • Apple and Google not bound by similar restrictions on their operating systems
  • EU unlikely to allow Microsoft to further lock down Windows despite security benefits
Summarized Article:

https://www.neowin.net/news/microsoft-points-finger-at-the-eu-for-not-being-able-to-lock-down-windows/

Fake CrowdStrike worker exposed: Vincent Flibustier's viral prank
Cybersecurity

Fake CrowdStrike worker exposed as the mastermind behind global Windows user crisis

  • Fake CrowdStrike worker Vincent Flibustier goes viral, claims responsibility for global Windows outage
  • Flibustier’s altered photo outside CrowdStrike office garners 4 lakh likes, 36,000 shares
  • Flibustier fired by company, takes satirical responsibility for causing IT outage
  • Vincent Flibustier, a satirical writer, explains the allure of his joke and people’s reactions
  • Millions still facing tech issues as Microsoft and CrowdStrike work to resolve faulty update-induced outages
Summarized Article:

https://www.ndtv.com/world-news/microsoft-outage-crowdstrike-vincent-flibustier-the-fake-crowdstrike-worker-who-crippled-windows-users-worldwide-6145878

Samsung August 2024 security patch addresses vulnerabilities
Cybersecurity

Samsung August 2024 security patch deemed crucial for all its devices

  • Samsung emphasizes the critical nature of its August 2024 security patch for its devices
  • The patch addresses a significant security vulnerability affecting all Android devices
  • Samsung plans to release the security update for Galaxy phones and tablets next month
  • The update will include major camera improvements for the Galaxy S24 series
  • Samsung’s proactive approach contrasts with delays in addressing critical vulnerabilities by other smartphone brands
Summarized Article:

https://www.sammobile.com/news/samsung-august-2024-security-patch-critical/

Cybersecurity

Apple warns against Google: Millions of iPhone Users Urged to Ditch Chrome

  • Apple issues warning to 1.4 billion iPhone users to stop using Google Chrome
  • Google aims to increase Chrome’s install base on iPhones from 30% to 50%
  • Apple’s Safari and Google Chrome dominate mobile market share
  • Privacy concerns with Google Chrome’s tracking capabilities highlighted
  • Apple emphasizes privacy in ad campaign, urging users to use Safari over Chrome
Summarized Article:

https://www.forbes.com/sites/zakdoffman/2024/07/16/apple-issues-new-google-chrome-warning-for-14-billion-iphone-users/

Pokémon lawyer tracks leaker
Cybersecurity

Pokémon lawyer tracks leaker, reveals how he outsmarted young leaker by calling his mom: “Absolutely baked my legend in at Pokémon for like 5 years”

  • Pokémon lawyer tracks leaker by calling his mom, scaring him straight
  • Don McGowan, former Pokémon legal officer, recounts story of catching young leaker
  • McGowan contacted leaker’s mom, explaining potential legal consequences
  • Leaker, Andrew, publicly acknowledges mistake and vows not to repeat it
  • Story showcases Pokémon Company’s strict protection of intellectual property
Summarized Article:

https://www.gamesradar.com/games/pokemon/former-pokemon-lawyer-explains-how-he-tracked-down-a-young-leaker-by-calling-his-mom-absolutely-baked-my-legend-in-at-pokemon-for-like-5-years/

Cybersecurity

Advanced Account Protection: Google Revolutionizes User Experience with Easy Switching Feature

  • Google is enhancing account security with easier access to Advanced Account Protection through passkeys
  • Advanced Protection Program requires strong multifactor authentication with cryptographic keys
  • Users can now enroll in APP using passkeys in addition to physical tokens
  • Google recommends having multiple backup methods, like phone numbers and email addresses, for account recovery
  • The recovery process for APP accounts involves various factors to ensure secure access
Summarized Article:

https://arstechnica.com/security/2024/07/google-makes-it-easier-for-users-to-switch-on-advanced-account-protection/

Superhuman AI defense exploits: Researchers combat vulnerabilities
Cybersecurity

Superhuman AI Defense Struggles Against Simple Exploits

  • “Superhuman” Go AIs struggle to defend against simple exploits
  • MIT and FAR AI researchers aim to create a robust, unexploitable Go AI
  • Three defense methods tested, including fine-tuning models and iterative training
  • Adversarial attacks highlight vulnerabilities in AI systems’ worst-case performance
  • Research suggests potential for defending AI by training against a large corpus of attacks
Summarized Article:

https://arstechnica.com/ai/2024/07/superhuman-go-ais-still-have-trouble-defending-against-these-simple-exploits/

Tour riders inhaling carbon monoxide for performance
Cybersecurity

Tour riders inhaling carbon monoxide in exclusive ‘super altitude’ experience

  • Tour riders are inhaling carbon monoxide in ‘super altitude’ recipe for performance enhancement
  • Top teams like Visma and UAE have access to specialized equipment for testing but deny using CO for performance enhancement
  • CO inhalation is a potentially powerful technique that can impact aerobic capacity like VO2max
  • Research suggests CO inhalation can provide similar effects to altitude training, potentially enhancing performance
  • Concerns exist about the ethical implications and safety risks of using CO inhalation for performance gains
Summarized Article:

https://escapecollective.com/exclusive-tour-riders-are-inhaling-carbon-monoxide-in-super-altitude-recipe/

Microsoft Outlook Dangerous Threat: 500 Million Users
Cybersecurity

Microsoft Outlook Faces Dangerous New Threat, Prompting Urgent Warning

  • 500 million Outlook users at risk from dangerous zero-click remote code execution vulnerability
  • Microsoft advises users to update software to mitigate exploitation risk
  • Vulnerability impacts most Microsoft Outlook applications, posing severe risk for corporates
  • Exploit targeting trusted senders could lead to ransomware attacks
  • Morphisec discovered vulnerability through extensive code analysis, to share findings at Def Con 32
Summarized Article:

https://www.forbes.com/sites/zakdoffman/2024/07/11/new-microsoft-outlook-warning-update-now-to-stop-damage-to-your-windows-11-windows-10-pc/

iPhone spyware attacks warning: Apple detects targeted attacks
Cybersecurity

iPhone spyware attacks warning issued to users in 98 countries

  • iPhone users in 98 countries warned about ‘mercenary spyware attacks’
  • Apple detects targeted attacks on iPhones compromising personal data
  • NSO’s Pegasus software exploits iPhone vulnerabilities for zero-click access
  • Governments use spyware to target opposition politicians and activists
  • Apple issues warnings to compromised iPhone users and advises Lockdown Mode
Summarized Article:

https://9to5mac.com/2024/07/11/iphone-mercenary-spyware-attacks/

Windows 0-day threat actors exploited Windows vulnerability
Cybersecurity

Windows 0-day threat actors had free rein for over a year before Microsoft patched the exploit

  • Threat actors exploited Windows 0-day vulnerability for over a year before Microsoft fixed it
  • Vulnerability affected Windows 10 and 11, causing devices to open Internet Explorer
  • Malicious code used novel tricks to lure Windows users for remote code execution
  • Exploitation involved deceptive .url files masquerading as PDFs to run malicious code in Internet Explorer
  • Check Point researchers provided cryptographic hashes for targeted .url files to help Windows users check for potential attacks
Summarized Article:

https://arstechnica.com/security/2024/07/threat-actors-exploited-windows-0-day-for-more-than-a-year-before-microsoft-fixed-it/

iPhone cyberattack protection release: Apple urges vigilance
Cybersecurity

iPhone Cyberattack Protection Release: Apple Unveils Cutting-Edge Safeguards for Users

  • Apple releases protections for iPhone users after cyberattack, urging two-factor authentication setup
  • Hackers using social engineering tactics to access personal details like sign-in credentials and financial information
  • Users warned about phishing emails, fraudulent pop-up ads, spoofing calls, and fake promotions
  • Scammers may ask users to disable security features like two-factor authentication or Stolen Device Protection
  • Users advised to verify suspicious calls by contacting Apple directly or reporting scam phone calls
Summarized Article:

https://www.dailymail.co.uk/sciencetech/article-13620225/apple-new-protections-iphone-users-cyberattack.html

Windows MSHTML zero-day attacks: Microsoft fixes vulnerability
Cybersecurity

Windows MSHTML zero-day attacks unleash year-long wave of malware strikes

  • Microsoft fixed a Windows MSHTML zero-day vulnerability, exploited in attacks for over a year, by unregistering the mhtml: URI from Internet Explorer
  • Haifei Li of Check Point Research discovered the high-severity CVE-2024-38112 vulnerability, exploited by distributing Windows Internet Shortcut Files to install password-stealing malware
  • Threat actors used Internet Explorer to download malicious HTA files disguised as PDFs, stealing browser credentials and sensitive data
  • Check Point Research released an emergency fix for the VPN zero-day vulnerability exploited in attacks
  • Microsoft’s July 2024 Patch Tuesday addressed 142 flaws, including four zero-day vulnerabilities, with a link to the Black Basta ransomware gang
Summarized Article:

https://www.bleepingcomputer.com/news/security/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year/

Apple security update steps: Beware of phishing
Cybersecurity

Apple Security Update Steps: Urgent Measures for Users as Alarming Uptick in…

  • Apple warns users to take these steps amid alarming uptick in deceptive phishing scams
  • Deceptive phishing scams involve sophisticated tactics to obtain personal details through emails, fake popup ads, and convincing phone calls
  • Scammers use fake Caller ID info to spoof phone numbers, claiming suspicious activity on accounts to obtain information, money, or Apple gift cards
  • Voice scams are on the rise with AI making fake voices more believable, while email tactics are becoming more inconspicuous
  • Experts warn of the significant financial impact of fraud, especially on the elderly, and advise vigilance in identifying phishing attempts, avoiding sharing personal information, and using two-factor authentication
Summarized Article:

https://nypost.com/2024/07/10/lifestyle/apple-warns-users-to-take-these-steps-amid-alarming-uptick-in-phishing-cyberattacks/

Google enhances high-risk account protection with passkey
Cybersecurity

Google account high-risk protection now available with just your phone

  • Google has enhanced its Advanced Protection Program for high-risk Google accounts, allowing users to set it up with a single passkey using biometric authentication on Pixel or iPhone devices.
  • The program is designed for individuals at risk of targeted online attacks, such as political campaign workers or journalists with sensitive information.
  • Previously, two physical security keys were required to activate the program, but now users can log in with just a passkey, enhancing security and ease of access.
  • Users can enroll in the Advanced Protection Program by visiting Google’s designated page and following the setup instructions, which include setting up recovery methods like phone numbers and email addresses.
  • Passkeys, based on WebAuthn technology, can replace traditional passwords and be used across multiple devices, with support from services like Apple’s and Google’s password vaults, as well as password managers like 1Password and Dashlane.
Summarized Article:

https://www.theverge.com/2024/7/10/24195306/google-accounts-advanced-protection-passkey-enrollment-support-security-key

OpenSSH vulnerability remote code execution: Urgent action needed
Cybersecurity

OpenSSH Vulnerability Exposes Remote Code Execution Risk: New Discovery Sparks Concern

  • OpenSSH vulnerability CVE-2024-6409 allows remote code execution in privsep child process due to signal handling race condition
  • Vulnerability discovered by security researcher Solar Designer during review of CVE-2024-6387
  • Impacts OpenSSH versions 8.7p1 and 8.8p1 in Red Hat Enterprise Linux 9
  • Exploit for CVE-2024-6387 detected in the wild, targeting servers primarily in China
  • Urgent need to address OpenSSH vulnerabilities to prevent remote code execution and potential attacks
Summarized Article:

https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html

Cybersecurity

10 billion credentials leaked in historic cyber breach, marking the largest leak ever recorded

  • Nearly 10 billion credentials have been leaked in the largest leak in history
  • The RockYou2024 leak contains a file with 10 billion unique plaintext passwords from various data breaches
  • Threat actors could use these passwords for credential stuffing attacks to gain unauthorized access to online accounts and systems
  • The leak, while serious, is a compilation of previous password leaks spanning two decades
  • Users are advised to change passwords, use strong and unique passwords, enable multi-factor authentication, and utilize password manager software to enhance cybersecurity
Summarized Article:

https://www.jpost.com/business-and-innovation/article-809428

ZOTAC RMA data breach: Personal info leaked
Cybersecurity

ZOTAC RMA Data Breach Exposes Customer Files, Personal Information, and B2B Transactions Overflowing Online

  • ZOTAC RMA data breach: Personal information leaked due to mismanagement of RMA files
  • GamersNexus exposes ZOTAC’s negligence in safeguarding customer data
  • RMA files uploaded on Google’s servers, making them publicly accessible
  • Potential risk of identity theft and data leakage due to public availability of B2B invoices and customer details
  • ZOTAC working with partners to address the issue, advising customers to search for and delete personal documents online
Summarized Article:

https://wccftech.com/zotac-mismanages-customer-rma-files-personal-information-b2b-transactions/

Russian satellite debris explosion: Low-intensity blast spews hazards
Cybersecurity

Russian satellite debris explosion: Low-intensity blast triggers dramatic spew of space debris

  • A “low-intensity explosion” caused a Russian satellite, Resurs P1, to spew debris in low Earth orbit
  • The cause of the explosion is believed to be either a collision or an internal structural failure within the spacecraft itself
  • The debris cloud created poses a hazard to other operational satellites in low Earth orbit, including the International Space Station and China’s Tiangong space station
  • The main satellite, Resurs P1, is still intact but the solar panels failed to fully deploy before the breakup
  • This event highlights the ongoing risk posed by defunct spacecraft in orbit, with over 2,500 similar long-lived derelict hardware at risk of suffering a similar fate in the future
Summarized Article:

https://spacenews.com/low-intensity-explosion-caused-russian-satellite-to-spew-debris/

Windows PC security steps: Enhance protection now
Cybersecurity

Windows PC security steps: Elevate your protection with these easy and effective tips

  • Windows PC security steps are crucial for enhancing protection
  • Explore alternative security features beyond the traditional Win+L routine
  • Utilize options like face recognition, dynamic lock, Windows Hello PIN, fingerprint, and security key
  • Set up phone connectivity via Bluetooth to automatically lock your PC
  • Choose the security method that suits you best for effective protection
Summarized Article:

https://www.foxnews.com/tech/lets-take-your-windows-pcs-security-next-level-simple-steps

10 billion stolen passwords leaked in cyber breach
Cybersecurity

10 billion stolen passwords leaked online in unprecedented security breach

  • 10 billion stolen passwords shared online in record-breaking leak
  • Cybernews research team discovered nearly 10 billion unique plaintext passwords in a file titled rockyou2024.txt
  • RockYou2024 combines previous leaks with over 1.5 billion new passwords collected between 2021 and 2024
  • Threat actors may use leaked passwords for credential stuffing, leading to data breaches, financial frauds, and identity thefts
  • Cybernews recommends checking HaveIBeenPwned.com regularly to update compromised passwords
Summarized Article:

https://bgr.com/tech/10-billion-stolen-passwords-shared-online-in-record-breaking-leak/

ChatGPT Mac app privacy issue: Chats exposed
Cybersecurity

ChatGPT Mac app privacy breach: Conversations stored as plain text sparks concern

  • ChatGPT Mac app had a privacy issue, storing conversations as plain text
  • User chats were vulnerable to access by any bad actor with access to the machine
  • OpenAI updated the app to encrypt local chats, but it remains non-sandboxed
  • The app is only available as a direct download from OpenAI’s website
  • OpenAI’s security measures lag behind those of Apple, with whom they recently partnered
Summarized Article:

https://arstechnica.com/ai/2024/07/chatgpts-much-heralded-mac-app-was-storing-conversations-as-plain-text/

Google Play Store Warning: Anatsa Malware Resurfaces
Cybersecurity

Google Play Store Warning: Dangerous Threat Resurfaces, Sparks Concern

  • New Google Play Store warning raises concerns for millions of users due to reappearance of dangerous threat Anatsa
  • Google’s previous assurance of removing malicious apps from Play Store seems to have failed, allowing Anatsa malware to resurface
  • Anatsa malware targets banking apps to steal sensitive financial information by intercepting login details and draining accounts
  • Zscaler identifies a new malicious Android app disguised as a QR reader and file manager, serving as a dropper for the Anatsa banking trojan
  • The strategic use of seemingly harmless apps as droppers enables malware like Anatsa to evade detection and infiltrate the official Google Play Store
Summarized Article:

https://www.forbes.com/sites/zakdoffman/2024/07/04/samsung-galaxy-google-pixel-android-users-delete-this-play-store-app/

AI mimicry prevention tool Glaze faces challenges
Cybersecurity

AI mimicry prevention tool breached; artists ponder the future of creativity

  • Tool preventing AI mimicry, Glaze, facing challenges in protecting artists’ styles from AI image generators
  • Tech companies updating user terms to scrape data for AI training, posing threats to artists’ brands
  • Adobe criticized for selling AI images mimicking famous artists’ styles, prompting removal of copycats
  • The Glaze Project experiencing high demand for its tools to prevent style mimicry and discourage data scraping
  • Surge in requests for Glaze causing backlog, with security researchers questioning its effectiveness in protecting artists
Summarized Article:

https://arstechnica.com/tech-policy/2024/07/glaze-a-tool-protecting-artists-from-ai-bypassed-by-attack-as-demand-spikes/

Cybersecurity

Privacy breach: OpenAI ChatGPT Mac app storing conversations in plain text

  • OpenAI ChatGPT Mac app stored conversations in plain text, posing a security risk
  • Pedro José Pereira Vieito demonstrated how easy it was to access and read the conversations
  • The Verge contacted OpenAI about the issue, prompting the company to release an update that encrypts chats
  • Pereira Vieito’s app to access conversations in plain text no longer works after the update
  • OpenAI may review ChatGPT conversations for safety, but the issue raised questions about data privacy and security
Summarized Article:

https://www.theverge.com/2024/7/3/24191636/openai-chatgpt-mac-app-conversations-plain-text

Man sentenced for carrying sword
Cybersecurity

Man sentenced for carrying sword: Four months in prison for wielding a 6-inch Master Sword in public

  • Man sentenced to four months in prison for carrying a six-inch Master Sword in public
  • Anthony Bray, 48, of Nuneaton, England, arrested for openly carrying replica weapon from The Legend of Zelda series
  • Warwickshire Police arrested Bray after he approached officers with the sword visible in his hand
  • Despite claiming it was a “fidget” item, police deemed the sword as a bladed article that could be used as a weapon
  • Bray sentenced to prison and fined for carrying the sword, with police emphasizing zero tolerance for bladed articles in public
Summarized Article:

https://www.ign.com/articles/man-sentenced-to-four-months-in-prison-for-carrying-a-6-inch-master-sword-in-public

iOS apps security breach: CocoaPods expose millions
Cybersecurity

iOS apps security breach: Millions of Apps Vulnerable to CocoaPods Security Flaw

  • Millions of iOS apps exposed to CocoaPods security breach, potentially leading to supply-chain attacks
  • Vulnerabilities in CocoaPods allowed access to sensitive app data like credit card details and medical records
  • Exploit related to insecure email verification mechanism used to authenticate developers of libraries
  • CocoaPods team took steps to fix vulnerabilities, wiping session keys and implementing new recovery procedures
  • Previous security issues in CocoaPods included running arbitrary code on servers managing repositories, emphasizing the need for developers to review dependencies and run security scans
Summarized Article:

https://9to5mac.com/2024/07/02/ios-apps-security-breach-cocoapods/

Cybersecurity

RegreSSHion OpenSSH vulnerability root: Attackers gain full control on Linux systems

  • The “RegreSSHion” OpenSSH vulnerability, tracked as CVE-2024-6387, allows unauthenticated remote code execution with root system rights on Linux systems based on glibc.
  • The vulnerability results from a code regression introduced in 2020, reintroducing a previously fixed vulnerability (CVE-2006-5051) and poses a significant risk due to the large number of vulnerable servers on the Internet.
  • The flaw stems from faulty management of the signal handler in glibc, allowing attackers to execute arbitrary code with the highest privileges without authentication.
  • While the severity of the threat is significant, various factors like address space layout randomization and OS specificity may limit mass exploitation.
  • Attackers could still conduct targeted attacks by peppering specific networks with authentication attempts until code execution is successful, spreading requests through multiple IP addresses to cover their tracks.
Summarized Article:

https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/

Chinese Hackers Exploiting Cisco Vulnerabilities
Cybersecurity

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware: A Cybersecurity Threat on the Rise

  • Chinese hackers associated with Velvet Ant are exploiting a zero-day vulnerability (CVE-2024-20399) in Cisco NX-OS Software to deliver malware via Cisco switches.
  • The flaw allows authenticated local attackers to execute arbitrary commands as root on affected devices, enabling remote connection, file uploads, and code execution on compromised Cisco Nexus devices.
  • The vulnerability arises from insufficient validation of arguments in specific configuration CLI commands, allowing attackers to execute commands without triggering system syslog messages.
  • Successful exploitation requires administrator credentials and access to specific configuration commands, impacting various Cisco devices.
  • In a separate incident, threat actors are exploiting a critical vulnerability in D-Link DIR-859 Wi-Fi routers (CVE-2024-0769) to gather account information, posing long-term exploitation risks due to the product being End-of-Life.
Summarized Article:

https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html

iOS macOS app supply-chain attacks expose vulnerabilities
Cybersecurity

Supply-chain attacks expose 3 million iOS and macOS apps to potent threat

  • 3 million iOS and macOS apps were exposed to potent supply-chain attacks
  • Vulnerabilities in the trunk server used to manage CocoaPods led to potential compromise of sensitive information
  • Insecure verification email mechanism allowed attackers to manipulate URLs and gain control over abandoned pods
  • Exploits included forging X-Forwarded-Host (XFH) headers, activating orphaned pods, and executing code on the trunk server
  • Researchers warned of the severe consequences, including ransomware, fraud, and legal liabilities
Summarized Article:

https://arstechnica.com/security/2024/07/3-million-ios-and-macos-apps-were-exposed-to-potent-supply-chain-attacks/

"Google mandates disclosure of digitally altered election ads"
Cybersecurity

Google to Require Disclosure of Digitally Altered Election Ads

  • Google mandates disclosure of digitally altered election ads
  • Advertisers must select checkbox for altered content in ad settings
  • In-ad disclosure for mobile feeds and shorts, in-streams on computers and TV
  • AI technology poses challenges in creating deepfakes for misinformation
  • Meta and OpenAI also require disclosure of AI use in political ads
Summarized Article:

https://www.foxbusiness.com/politics/google-mandate-disclosure-digitally-altered-election-ads

Russia nuclear-proof transport blown
Cybersecurity

Russia’s Nuclear-Proof Transport Blown Up in Ukraine: Another Explosive Incident Unfolds

  • Russia’s nuclear-proof transport, the Ladoga, developed in the late 1970s by the Kirovsky Design Bureau, has been targeted and destroyed in Ukraine.
  • The Ladoga was designed as a heavily armored, self-contained vehicle with remote cameras and oxygen supply for nuclear reconnaissance and command purposes.
  • Only a few Ladogas were produced, with one ending up in a museum and others disappearing until recent sightings in Ukraine.
  • The Kremlin is facing challenges in replenishing combat vehicles lost in the ongoing conflict with Ukraine, leading to unusual vehicles like golf-carts and dirt bikes being used in warfare.
  • The Ladoga’s advanced features, such as a gas-turbine engine and command capabilities, were not utilized in a nuclear scenario, highlighting the unexpected turn of events in its deployment in a non-nuclear war.
Summarized Article:

https://www.forbes.com/sites/davidaxe/2024/06/30/another-one-of-russias-nuclear-proof-transports-just-got-blown-up-in-ukraine/

Daughter YouTube history dangers: Seeking dangerous diet advice
Cybersecurity

Daughter’s YouTube History Reveals Dangerous Pastime – A Shocking Discovery

  • Daughter engaging in dangerous pastime by seeking ‘diet advice’ and ‘weight loss goals’ on YouTube
  • Concerns about daughter’s sudden decrease in eating habits and potential body image issues
  • Suggested approach: gently confront daughter about changes, inquire about reasons for wanting to lose weight
  • Encourage balanced diet and regular exercise instead of deprivation
  • Offer support, involve daughter in meal planning, promote body positivity and seek professional help if needed
Summarized Article:

https://slate.com/advice/2024/06/parenting-advice-daughter-diet-youtube-history.html

BlackSuit ransomware attack KADOKAWA
Cybersecurity

BlackSuit ransomware attack on KADOKAWA corporation claimed by notorious gang

  • BlackSuit ransomware gang claims attack on KADOKAWA corporation, threatening to publish stolen data if ransom is not paid
  • KADOKAWA, a Japanese media conglomerate, experienced service outages on multiple websites due to cyberattack on June 8
  • Incident impacted operations of KADOKAWA and its subsidiaries, whose systems hosted in the same data center were encrypted by ransomware
  • Niconico, a popular Japanese video-sharing platform, was among the impacted companies
  • BlackSuit ransomware operation, linked to Conti cybercrime syndicate, previously conducted attacks on CDK Global and demanded over $275 million in ransom
Summarized Article:

https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-gang-claims-attack-on-kadokawa-corporation/

Amazon scraping abuse investigation: Perplexity AI accused
Cybersecurity

Amazon Scrutinizes Allegations of Scraping Abuse in Intriguing Investigation

  • Amazon’s cloud division is investigating Perplexity AI for potential scraping abuse of websites that prohibited access through the Robots Exclusion Protocol
  • Perplexity, backed by the Jeff Bezos family fund and Nvidia, is valued at $3 billion and is accused of using content from scraped websites in violation of terms of service
  • The investigation revealed that Perplexity’s AI-powered search chatbot ignored robots.txt in certain instances, prompting concerns of scraping abuse and plagiarism
  • Perplexity’s CEO initially denied wrongdoing, attributing the scraping activity to a third-party company, but later confirmed that PerplexityBot does ignore robots.txt in specific cases
  • Digital Content Next, a trade association for the digital content industry, expressed concerns that Perplexity’s actions may violate copyright principles and terms of service, urging caution and proper compliance
Summarized Article:

https://www.wired.com/story/aws-perplexity-bot-scraping-investigation/

Cybersecurity

Nintendo Security Enhancements Ramp Up in Response to Recent Video Game Leaks

  • Nintendo is doubling down on security measures to prevent leaks of video game content following recent incidents involving unauthorized access to information on YouTube’s backend.
  • Reports have surfaced regarding employees gaining access to trailers and data before official announcements, leading to speculation about how leaks are occurring.
  • Nintendo has acknowledged the reports and is bringing in outside security firms, adding new security measures, and training employees to address the leak issues.
  • Recent leaks, including information about new games, have led to speculation about the sources of the leaks and potential security vulnerabilities.
  • The video game leaking scene is currently chaotic, with well-known leakers being exposed and fans awaiting official press releases for upcoming game announcements.
Summarized Article:

https://kotaku.com/nintendo-direct-leaks-youtube-pyoro-switch-2-1851563772

R1 jailbreakers uncover massive security flaw in Rabbit
Cybersecurity

R1 Jailbreakers Uncover Massive Security Flaw in Rabbit’s Code

  • R1 jailbreakers discovered a massive security flaw in Rabbit’s code
  • API keys hardcoded in Rabbit’s codebase put sensitive information at risk
  • Rabbitude gained access to API keys, allowing them to access responses from R1 devices
  • Rabbit did not take immediate action to secure the breached information
  • Rabbit responded by stating they are investigating the incident and updating their site with information
Summarized Article:

https://www.theverge.com/2024/6/26/24186614/rabbit-r1-security-flaw-api-key-codebase

Cybersecurity

WordPress backdoor plugins attack: Supply chain breach infects plugins on WordPress.org

  • Threat actor modifies source code of WordPress plugins on WordPress.org in supply chain attack
  • Malicious PHP scripts create new accounts with administrative privileges on websites
  • Wordfence discovers breach and notifies plugin developers, resulting in patches being released
  • Infected plugins attempt to create admin accounts and inject SEO spam into compromised websites
  • Data transmitted to IP address 94.156.79[.]8; impacted plugins temporarily delisted from WordPress.org
Summarized Article:

https://www.bleepingcomputer.com/news/security/plugins-on-wordpressorg-backdoored-in-supply-chain-attack/

WordPress plugin supply-chain attack: 36
Cybersecurity

WordPress plugin supply-chain attack impacts up to 36,000 websites in widespread breach

  • WordPress plugins on 36,000 sites hit by a supply-chain attack, creating attacker-controlled admin accounts
  • Five plugins affected, injecting malicious code for SEO spam and unauthorized admin accounts
  • Attack discovered by Wordfence researchers who found malware injecting new admin accounts
  • Threat actor’s actions not sophisticated, with injected code easily identifiable
  • Users advised to uninstall affected plugins, check for unauthorized admin accounts, and monitor site connections
Summarized Article:

https://arstechnica.com/security/2024/06/supply-chain-attack-on-wordpress-plugins-affects-as-many-as-36000-sites/

Cybersecurity

Telegram security team concerns: Experts Warn of Potential Security Risks with Small ’30 Engineers’ Team

  • Security experts express concerns over Telegram’s ’30 engineers’ team, highlighting potential security risks due to lack of personnel for encryption, legal requests, abuse handling, and content moderation
  • Telegram’s default lack of end-to-end encryption in chats is a significant vulnerability compared to other messaging apps like Signal and WhatsApp
  • Telegram’s use of proprietary encryption algorithm raises doubts about the quality of encryption provided to users
  • The platform’s social media aspect poses additional security risks as it stores vast amounts of user data, making it an attractive target for hackers
  • Despite having nearly one billion users, Telegram’s small cybersecurity team of around 30 engineers raises doubts about its ability to effectively combat security threats, especially from hackers and government entities
Summarized Article:

https://techcrunch.com/2024/06/24/experts-say-telegrams-30-engineers-team-is-a-security-red-flag/

Cybersecurity

Chinese Rocket Spewing Highly Toxic Chemicals Crashes into Village

  • Chinese rocket debris falls over village, emitting highly toxic nitrogen tetroxide
  • Video shows Long March 2C rocket’s first stage crashing near populated area in southwest China
  • Nitrogen tetroxide, a toxic oxidizing agent used in rocket propulsion, poses severe health risks
  • China’s history of risky rocket launches in inhabited areas highlighted
  • Newer Chinese rockets moving towards safer propellants like kerosene and liquid hydrogen
Summarized Article:

https://gizmodo.com/china-rocket-booster-crash-leaking-toxic-fuel-1851557049

Cybersecurity

Iranian Hackers Deploy Rafel RAT in Android Ransomware Operation, Shaking Cybersecurity World

  • Iranian hackers deploy Rafel RAT in Android ransomware operation
  • Rafel RAT used by multiple threat actors, including cyber espionage groups, disguised as popular apps
  • DoNot Team leveraged Rafel RAT in cyber attacks targeting high-profile entities using military-themed PDF lures
  • Majority of victims had Samsung phones, with outdated Android versions being targeted
  • Typical attack chains involve social engineering to gain intrusive permissions and access sensitive data
Summarized Article:

https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html

Google One VPN discontinued
Cybersecurity

Google One VPN discontinued; users left scrambling for alternatives

  • Google One VPN, introduced in 2020, has been discontinued due to low usage, allowing Google to focus on more popular features like Fitbit Premium and Nest Aware.
  • The VPN was available for different Google One subscription plans, with dedicated apps for Android, iOS, Mac, and Windows.
  • Google emphasized the VPN as an additional layer of online protection rather than for accessing geo-restricted content.
  • Existing users may still have temporary access until their next internet connection loss, after which the VPN will no longer connect.
  • Pixel phone owners have access to a different VPN called “Pixel VPN by Google,” but it lacks some features, while Google Fi Wireless also offers a VPN to subscribers.
Summarized Article:

https://9to5google.com/2024/06/21/vpn-by-google-one-shutdown/

Retail worker scam stories: Customers return food carcass
Cybersecurity

Retail worker scam stories unveil the wildest tricks customers have attempted to pull

  • Retail workers share wild scam stories, including a customer trying to return food carcass
  • Customer tries to return an item stolen from the store, threatens to bring cops
  • New policy implemented to prevent scams, customer unsuccessfully tries to return damaged phone
  • Manager successfully handles situation with customer trying to return damaged phone
  • Customer leaves store after realizing manager is new and in charge
Summarized Article:

https://www.buzzfeed.com/fabianabuontempo/retail-workers-share-scams-customers-have-tried