Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.
Malicious npm package pdf-to-office trojanizes Atomic Wallet, Exodus apps to steal crypto funds, persisting after deletion.
Europol arrested five SmokeLoader customers using seized database links, exposing cybercrime’s hidden demand chain.
As websites incorporate more third-party tracking technologies, robust CSRF attack prevention becomes paramount. This case study illustrates how a misconfigured third-party vendor exposed CSRF tokens on a major retailer’s website, highlighting the risks of inadequate third-party security.
The Problem
A misconfiguration allowed a third-party pixel used by a major online retailer to access CSRF tokens and authentication tokens, which, as we noted, are critical security elements for preventing unauthorized actions. This exposure transmitted the tokens to remote third-party servers, creating a significant vulnerability that risked potential data breaches.
AkiraBot has spammed 80,000 websites since September 2024 using GPT-4o-Mini, evading CAPTCHA with proxy tactics.
Sensata Technologies (known as Sensata) suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations.
In an 8-K filing to the U.S. Securities and Exchange Commission (SEC), Sensata says that the attack occurred on Sunday, April 6, and involved data theft, too.
“The incident has temporarily impacted Sensata’s operations, including shipping, receiving, manufacturing production, and various other support functions,” reads the notification.
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure.
Users are strongly recommended to upgrade to the latest version of OttoKit/SureTriggers, currently 1.0.79, released at the beginning of the month.
The OttoKit WordPress plugin allows users to connect plugins and external tools like WooCommerce, Mailchimp, and Google Sheets, automate tasks like sending emails and adding users, or updating CRMs without code. Statistics show that the product is active on 100,000 websites.
Microsoft has released an out-of-band Office update to fix a known issue that caused Word, Excel, and Outlook to crash after installing the KB5002700 security update for Office 2016.
The company acknowledged these problems following user reports on social media that Office apps no longer open after applying the April 2025 security updates.
“We’re experiencing an issue on Windows 10 with Office 2016 where Word and Excel no longer open,” one impacted Office user said.
OpenAI is giving ChatGPT’s memory feature its biggest upgrade yet, allowing the AI to know you better by referencing all your past conversations.
Wearables such as smartwatches, fitness trackers, or data glasses have become an integral part of our everyday lives. They record health data, monitor your sleep, or calculate your calorie consumption. Researchers from Karlsruhe Institute of Technology (KIT) have developed the open-source platform “OpenEarable.” It integrates a multitude of sensors into wireless earphones with the aim of enhancing health measurements and safety applications in medicine, industry, and everyday life. The scientists are currently presenting their platform at Hannover Messe from March 31 to April 4.
Wearable technologies have made significant progress in recent years, but many of the existing systems are either proprietary, i.e. not customizable by others, or their measurement capabilities are limited. With OpenEarable 2.0, a research team headed by Dr. Tobias Röddiger from KIT’s TECO research group moves one step further: The open-source platform for ear-based sensor applications enables developers to create customized software. With a unique combination of sensors, more than 30 physiological parameters can be measured directly at the ear – from heart rate and breathing patterns to fatigue and body temperature. “Our aim was to create an open and high-precision solution for health monitoring that goes far beyond what is possible with today’s commercial wearables,” says Röddiger. “OpenEarable 2.0 provides a platform for researchers and developers that is easily customizable and scalable. This allows them to program the earphones individually for specific requirements.