The Information Highway

The Information Highway

Unpatched Mazda Connect bugs let hackers install persistent malware

headpi_20241109-194606_1

Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. 

Continue reading
  345 Hits

Apache fixes critical OFBiz remote code execution vulnerability

apache-header-image

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Continue reading
  303 Hits

Hackers phish finance orgs using trojanized Minesweeper clone

minesweeper-virus

Hackers are utilizing code from a Python clone of Microsoft's venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.

Continue reading
  529 Hits

Widely used modems in industrial IoT devices open to SMS attack

world-internet-network

Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS.

Continue reading
  596 Hits

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

back

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code.

Continue reading
  670 Hits

Malicious AI models on Hugging Face backdoor users’ machines

evil-hacker-ai

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.

Continue reading
  749 Hits

Critical RCE flaws found in SolarWinds access audit solution

connector

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges. 

Continue reading
  991 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023