Chrome 138 Update Patches Zero-Day Vulnerability https://www.securityweek.com/chrome-138-update-patches-zero-day-vulnerability/ #Vulnerabilities #exploited #ZeroDay #Chrome
#exploited
0 posts0 participants0 posts today
Actively #exploited #vulnerability gives extraordinary control over #server fleets
The vulnerability, carrying a #severity rating of 10 out of a possible 10, resides in the #AMIMegaRAC , a widely used #firmware package that allows large fleets of servers to be remotely accessed and managed even when power is unavailable or the operating system isn't functioning.
#security #ami #megarac
Ars Technica · Actively exploited vulnerability gives extraordinary control over server fleets
Sunday, May 4, 2025
Ukrainian sea drone downs Russian fighter jet in world-first strike — Russia used thermobaric weapons in drone strike on Kharkiv, Ukrainian prosecutors say — Russian drone attack on Kyiv injures 11 people, including 2 children, damages shopping mall — France to ramp up AASM Hammer smart bomb production for Ukraine … and more
https://activitypub.writeworks.uk/2025/05/sunday-may-4-2025/
Employee #monitoring app exposes 21M work screens | Cybernews
The #leaked data is extremely sensitive, as millions of screenshots from employees' devices could not only expose full-screen captures of emails, internal chats, and confidential business documents, but also contain #login pages, credentials, #APIkeys , and other sensitive info that could be #exploited to attack businesses worldwide.
Cybernews contacted the company, and access has now been secured.
#privacy
https://cybernews.com/security/employee-monitoring-app-leaks-millions-screenshots/
Fresh Windows NTLM Vulnerability Exploited in Attacks – Source: www.securityweek.com https://ciso2ciso.com/fresh-windows-ntlm-vulnerability-exploited-in-attacks-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #vulnerabilities #securityweekcom #securityweek #Exploited #FEATURED #Windows #NTLM
CISO2CISO.COM & CYBER SECURITY GROUP · Fresh Windows NTLM Vulnerability Exploited in Attacks – Source: www.securityweek.comSource: www.securityweek.com - Author: Ionut Arghire The exploitation of a Windows NTLM vulnerability started roughly a week after patches were released
Huge #ransomware campaign targets #AWS S3 storage: attackers have thousands of keys
"A massive database of over 1,200 unique #Amazon Web Services (AWS) access keys has been amassed and #exploited in a ransomware campaign. Administrators of exposed AWS S3 buckets are finding their files encrypted except for a ransom note demanding payment in bitcoin."
https://cybernews.com/security/aws-cloud-storage-bucket-ransomware-attacks/
...speaking of #ww2, remember these guys? #Navajo #code talkers
https://www.nationalww2museum.org/war/articles/american-indian-code-talkers
...crazy how who we are and what we know is only valued when it can be #exploited for their purposes... which is mostly #war mongering and tricking us into exploiting each other so they can forget us a11 when its done, and then wipe our names from the registry of existence they lie about and mislabel #history ...
The National WWII Museum | New OrleansAmerican Indian Code Talkers | The National WWII Museum | New OrleansThe idea of using American Indians who were fluent in both their traditional tribal language and in English to send secret messages in battle was first put to the test in World War I with the Choctaw Telephone Squad and other Native communications experts and messengers. However, it wasn’t until World War II that the US military developed a specific policy to recruit and train American Indian speakers to become code talkers.
#DemocracyNow: “What About the Capitalists?”: Autoworkers in U.S., Mexico Call for Solidarity, Not Divisive Tariffs
Story April 08, 2025
"As workers brace for uncertainty and fallout from #Trump’s #tariffs, we hear from two #autoworkers, one in #Mexico and one in the United States. Israel Cervantes, founder of the National Independent Union for Workers in the Automotive Industry in Mexico, calls for unions across #NorthAmerica to unite against the tariffs, which have already led to layoffs from auto manufacturers. In the U.S., autoworker and UAW member Sean Crawford joins Democracy Now! on his work break to respond to the rhetoric and impact of the tariffs. 'They are always harping on foreigners, foreigners, foreigners. But what about the #capitalists? says Crawford, who urges international solidarity against #corporations’ attempts to sow division among #exploited #workers. “This nationalistic viewpoint has not been working for us and has resulted in a lot of these layoffs,' he says. 'I want to see us grow together as a #WorkingClass.'"
Listen / watch / read transcript:
https://www.democracynow.org/2025/4/8/uaw_tariffs_autoworkers_union#transcript
#ViewerSupportedNews #TrumpTariffs #Workers
Democracy Now! · “What About the Capitalists?”: Autoworkers in U.S., Mexico Call for Solidarity, Not Divisive Tariffs
Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability https://www.securityweek.com/details-emerge-on-cve-controversy-around-exploited-crushftp-vulnerability/ #Vulnerabilities #exploited #CrushFTP #Featured #CVE
Continued thread
#DavidGeier, has published numerous articles in #medical literature attempting to tie mercury in #vaccines to #autism. In 2012, state authorities in Maryland found that he had been practicing #medicine WITHOUT a license alongside his father, Mark Geier, who was a doctor at the time.
MD authorities also suspended Mark Geier’s #MedicalLicense following claims that he #endangered #children w/ autism & #exploited their parents, acc/to state records.
#PaloAlto #Firewalls Under #Attack As Miscreants Chain Flaws For #Root Access - Slashdot
A recently patched #PaloAltoNetworks #vulnerability (CVE-2025-0108) is being actively #exploited alongside two older flaws (CVE-2024-9474 and CVE-2025-0111), allowing attackers to gain root access to unpatched firewalls.
#firewall #security
it.slashdot.orgPalo Alto Firewalls Under Attack As Miscreants Chain Flaws For Root Access - SlashdotA recently patched Palo Alto Networks vulnerability (CVE-2025-0108) is being actively exploited alongside two older flaws (CVE-2024-9474 and CVE-2025-0111), allowing attackers to gain root access to unpatched firewalls. The Register reports: This story starts with CVE-2024-9474, a 6.9-rated privile...
#Apple Fixes Zero-Day #Exploited In 'Extremely Sophisticated' Attacks - Slashdot
apple.slashdot.orgApple Fixes Zero-Day Exploited In 'Extremely Sophisticated' Attacks - SlashdotApple has released emergency security updates for iOS 18.3.1 and iPadOS 18.3.1 to patch a zero-day vulnerability (CVE-2025-24200) that was exploited in "extremely sophisticated," targeted attacks. The flaw, which allowed a physical attack to disable USB Restricted Mode on locked devices, was discove...
#Hackers are #exploiting a new #Ivanti #VPN #security bug to #hack into company networks | TechCrunch
US software giant Ivanti has warned that a zero-day #vulnerability in its widely-used enterprise VPN appliance has been #exploited to compromise the networks of its corporate customers.
#privacy #exploit #zeroday
TechCrunch · Hackers are exploiting a new Ivanti VPN security bug to hack into company networks | TechCrunchMandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December.
Replied in thread
@rowlandm unfortunately, no, I don't feel like these contributions have added any value to my portfolio/resume. For example, let's talk about #gitlab. The reason why I stopped was because I felt #exploited. For almost 6 months, all I did was #contribute - I also took part in 2 of their #hackathon. Any interaction with their employees felt robotic, corporate-like. I wanted something out of the community - #jobopportunities, #mentorship, or #upskilling, but nothing came out of it.
#Apple Confirms Zero-Day Attacks Hitting #macOS Systems - SecurityWeek
Apple rushes out out major macOS and #iOS #security updates to cover a pair of #vulnerabilities already being #exploited in the wild.
#zeroday #0day
https://www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
The Broader Push to Rewrite #History.
Israel's assault on #Palestinian #heritage goes beyond fabricated #archaeological narratives—it’s a #systematic effort to erase history and consolidate control. Here are more key aspects of the campaign:
#Looting of #WestBank #Antiquities :
For decades, #Israel has #exploited the occupied territories' rich archaeological sites, #smuggling thousands of #artifacts to build its #colonial narrative. The new bill seeks to #institutionalize this #theft, granting #extremist officials unchecked authority over excavation and #HeritagePreservation in Palestinian areas.
The Role of the Israeli Antiquities Authority:
Under the guise of #AcademicResearch, the #IsraeliAntiquitiesAuthority frequently removes artifacts from the West Bank, exhibiting them in Israeli #museums without acknowledging their Palestinian origins. This process not only strips Palestinians of their #cultural history but also bolsters Israel’s claim to the land.
Settler-Led Excavations:
Settler organizations like #Elad are at the forefront of #illegal excavations, particularly in East #Jerusalem. These digs disrupt Palestinian neighborhoods, displace families, and create #tourist sites glorifying biblical narratives while erasing the #multicultural history of the region.
Linking Settlements to #BiblicalClaims:
Israeli settlement expansion is increasingly tied to archaeological claims. By declaring areas with supposed biblical significance, such as #Hebron or #Shiloh as part of #Jewish heritage, the #llegalOccupation justifies #annexation and denies Palestinians access to their land.
The International Fallout:
Despite warnings from Israeli #archaeologists and global institutions, the government continues its #unilateral moves. If the bill passes, Israel risks severe isolation, as #CulturalTheft violates international conventions, including #UNESCO protection of #CulturalHeritage during conflicts.
These moves are not just an assault on history—they are an extension of the colonial project, reshaping the narrative to legitimize an occupation that erases Palestinian identity. The stakes go beyond antiquities; they encompass the right of a people to their past, present, and future.
Full article by Alaa Al-Lami:
https://www.al-akhbar.com/Culture_People/387633
#FreePalestine
#IsraelIsATerroristState
#IsraelWarCrimes
#IsraelRogueState
#ArmsEmbargoOnIsrael
#USAFundsGenocide
#BoycottIsrael
#BDSMovement
#BoycottIsraeliApartheid
#StopGenocide
#ApartheidIsrael
#SanctionIsrael
#ExposeIsraeliTerrorists
#ZionismIsACult
#Journalism
#Historians
#Decolonization
#fcknzs Replied in thread
#Incumbent #Republican #StateSenator #DanForeman Tells #Indigenous #Candidate #TrishCarterGoodheart To 'Go Back Where You Came From'—And She Has The #Perfect #Response 'Where am I supposed to go?'.
The racist 71-year-old Foreman—a #retired #policeofficer—also #exploited the opportunity to spread his #ChristianNationalist (#Fascist), #misogynist, #homophobic and #transphobic "#values."
https://www.comicsands.com/republican-indigenous-candidate-go-back-2669338918.html
Comic Sands · Trish Carter-Goodheart Responds To Dan Foreman's Racist Comment
#Microsoft Says #Windows Update Zero-Day Being #Exploited to Undo #Security Fixes - SecurityWeek
#PatchTuesday : Microsoft raises an alarm for in-the-wild #exploitation of a critical flaw in #WindowsUpdate.
SecurityWeek · Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security FixesMicrosoft patched four zero-days, including a critical bug (CVE-2024-43491) in Windows Update that allows rollback of security fixes.