Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions – NVIDIA Container […]
Category Archives: Uncategorized
CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren’t many resources to guide them on what their role should look like or what they should bring to these meetings. We’ve pulled together a framework for security leaders to help push AI teams and committees […]
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. “To execute this tactic, the threat actor masquerades as a South Korean government official and over time […]
Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild. Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the […]
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below – CVE-2024-38657 (CVSS score: 9.1) – External control of a file name in Ivanti Connect Secure before version […]
More than half of attacks on Indian businesses come from outside the country, while 45% of those targeting consumers come from Cambodia, Myanmar, and Laos. Go to Source Author: Robert Lemos, Contributing Writer
But there’s plenty in it — including two zero-days — that need immediate attention. Go to Source Author: Jai Vijayan, Contributing Writer
The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The staffers were tasked with building relationships on the ground across the country in local election jurisdictions, teaching election officials tactics on mitigating cyber threats, cyber hygiene, combating misinformation and foreign influence, and more. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
State-led data privacy laws and commitment to enforcement play a major factor in shoring up business data security, an analysis shows. Go to Source Author: Becky Bracken, Senior Editor, Dark Reading