The aCropalypse Vulnerability Poses a Threat Not Only to Pixel, but Also to Windows

Information security experts have discovered that the aCropalypse vulnerability, which allows restoring the original image edited on a Google Pixel device (using the Markup tool), is turning into a 0-day for Windows. Let me remind you that we also wrote that YouTube Video Causes Pixel Smartphones to Reboot, and also that Information Security Specialists Discovered… Continue reading The aCropalypse Vulnerability Poses a Threat Not Only to Pixel, but Also to Windows

Attackers target .NET Developers with Malicious NuGet Packages

JFrog experts warned that attackers are targeting .NET developers through malicious packages from the NuGet repository and infecting their systems with malware that steals cryptocurrency. Let me remind you that we also said that Researchers discovered four npm packages that were collecting user data, and also that Log4j vulnerability threatens 35,000 Java packages. Also, information… Continue reading Attackers target .NET Developers with Malicious NuGet Packages

ChatGPT Users Complained about Seeing Other People’s Chat Histories

Some ChatGPT users have reported on social media that their accounts show other people’s chat histories. Let me remind you that we also wrote that Russian Cybercriminals Seek Access to OpenAI ChatGPT, and also that Bing Chatbot Could Be a Convincing Scammer, Researchers Say. The media also reported that Amateur Hackers Use ChatGPT to Create… Continue reading ChatGPT Users Complained about Seeing Other People’s Chat Histories

GPT-4 Tricked a Person into Solving a CAPTCHA for Them by Pretending to Be Visually Impaired

Prior to the launch of GPT-4 earlier this week, the researchers ran a lot of tests, such as whether the latest version of OpenAI’s GPT could demonstrate freedom, desire for power, and at least figured out that AI could deceive a human to bypass CAPTCHA. Let me remind you that we also wrote that Russian… Continue reading GPT-4 Tricked a Person into Solving a CAPTCHA for Them by Pretending to Be Visually Impaired

The FBI Said That the Damage from Cyberattacks in 2022 Exceeded $10 Billion

The FBI’s Internet Fraud Complaint Center (IC3) has released its annual 2022 Internet Crime and Cyber Attack Damage Report. During the year, the FBI reportedly received more than 800,000 cybercrime-related complaints, with total losses in excess of $10 billion. Let me remind you that we also wrote that FBI experts say that this year “sextortion”… Continue reading The FBI Said That the Damage from Cyberattacks in 2022 Exceeded $10 Billion

North Korean Hackers Attack Cybersecurity Specialists by Offering Them Jobs via LinkedIn

Mandiant experts noticed that North Korean hackers have focused their attention and attacks on information security specialists. Attackers try to infect researchers with malware in the hope of infiltrating the networks of companies that the targets work for. Let me remind you that we also wrote that Nearly 50% of Cybersecurity Leaders Will Change Jobs… Continue reading North Korean Hackers Attack Cybersecurity Specialists by Offering Them Jobs via LinkedIn

Emotet Has Resumed Activity after a Three-Month Break

Experts noticed that this week Emotet resumed its activity and after a three-month “rest” began to send malicious spam again. So far, information security specialists have not found any additional payloads. It looks like the malware is just collecting data for future spam campaigns. Let me remind you that we also wrote that Emotet Malware… Continue reading Emotet Has Resumed Activity after a Three-Month Break

Researcher Publishes RCE Exploit for Critical Vulnerability in Microsoft Word

A proof-of-concept exploit for the CVE-2023-21716 vulnerability in a Microsoft Office product, namely Microsoft Word, has emerged online. This issue has been rated 9.8 out of 10 on the CVSS Vulnerability Scoring Scale and can be used for remote code execution attacks via a malicious RTF file. Let me remind you that we also wrote… Continue reading Researcher Publishes RCE Exploit for Critical Vulnerability in Microsoft Word

Bing Chatbot Could Be a Convincing Scammer, Researchers Say

Security researchers have noticed that by using text prompts embedded in web pages, hackers can force Bing’s AI chatbot to ask for personal information from users, turning the bot into a convincing scammer. Let me remind you that we also recently wrote that Bing’s Built-In AI Chatbot Misinforms Users and Sometimes Goes Crazy, and also… Continue reading Bing Chatbot Could Be a Convincing Scammer, Researchers Say

BlackLotus UEFI Bootkit Bypasses Protection even in Windows 11

ESET experts reported that the BlackLotus UEFI bootkit, which is sold on hacker forums for about $ 5,000, is indeed capable of bypassing Secure Boot protection. According to researchers, the malware poses a threat even to fully updated machines running Windows 11 with UEFI Secure Boot enabled. Let me remind you that we also wrote… Continue reading BlackLotus UEFI Bootkit Bypasses Protection even in Windows 11