The Hacker News3h
New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%
New Likert-scale-based AI jailbreak technique boosts attack success rates by 60%, highlighting urgent safety challenges.
The Hacker News6h
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
The CVE-2024-49113 PoC devised by SafeBreach Labs, codenamed LDAPNightmare, is designed to crash any unpatched Windows Server ...
The Hacker News6h
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users ...
The Hacker News9h
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Three patched Dynamics 365 and Power Apps vulnerabilities exposed sensitive data, highlighting risks of API flaws.
The Hacker News1d
Three Russian-German Nationals Charged with Espionage for Russian Secret Service
German prosecutors charged three Russian-German nationals for espionage and sabotage, targeting German-U.S. military ...
The Hacker News1d
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Malicious npm package 'ethereumvulncontracthandler' delivers Quasar RAT to Windows systems, bypassing sandbox defenses, with ...
The Hacker News1d
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics
The federal agency said the entities – a subordinate organization of Iran's Islamic Revolutionary Guard Corps and a ...
The Hacker News3d
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
New DoJ rule halts sensitive data sales to adversaries like China, effective in 90 days, ensuring robust penalties and ...
The Hacker News4d
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
Over 2 million users exposed to malicious browser extensions targeting GenAI, VPNs, and productivity tools. Audit now!
The Hacker News1d
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
A new report from the Washington Post published on January 1, 2024, revealed that the December cyber attack by Chinese threat ...
The Hacker News3d
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow ...
The Hacker News2d
New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites
New "DoubleClickjacking" attack bypasses clickjacking protections by exploiting double-click timing gaps, enabling account takeovers.