Hidden Waymo feature let researcher customize robotaxi's display | TechCrunchA researcher found a hidden Waymo app feature that allowed her to customize the robotaxi's display, prompting an immediate patch from the company.
Zero Day Initiative - Reviewing the Attack Surface of the Autel MaxiCharger: Part OneThe Autel MaxiCharger AC Wallbox is a focus at Pwn2Own Automotive, highlighting its potential security vulnerabilities for research.
Germany drafts law to protect researchers who find security flawsGermany is drafting a law to protect security researchers from criminal prosecution.Responsible reporting of vulnerabilities will be legally shielded under the new law.
Zero Day Initiative - SolarWinds Access Rights Manager: One Vulnerability to LPE Them AllSolarWinds Access Right Manager was found to have critical vulnerabilities that can lead to local privilege escalation on Windows systems.
Researchers find insecure SSH implementations everywhereThe research by runZero found numerous vulnerabilities in poorly secured SSH services, highlighting the importance of addressing security gaps in various devices.
Germany drafts law to protect researchers who find security flawsGermany is drafting a law to protect security researchers from criminal prosecution.Responsible reporting of vulnerabilities will be legally shielded under the new law.
Zero Day Initiative - SolarWinds Access Rights Manager: One Vulnerability to LPE Them AllSolarWinds Access Right Manager was found to have critical vulnerabilities that can lead to local privilege escalation on Windows systems.
Researchers find insecure SSH implementations everywhereThe research by runZero found numerous vulnerabilities in poorly secured SSH services, highlighting the importance of addressing security gaps in various devices.
Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms | TechCrunchRookie security flaws in ransomware gangs' web infrastructure saved companies from paying hefty ransoms.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms | TechCrunchRookie security flaws in ransomware gangs' web infrastructure saved companies from paying hefty ransoms.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
Zombie worm continues to infect millions of IPs years after it was left for deadAn old USB worm, self-replicating and backdooring devices, remains active on thousands if not millions of machines despite creators losing control.
Restricting Flipper is a Zero Accountability Approach to Security: Canadian Government Response to Car HackingCanada announces ban on Flipper Zero for keyless car theftBanning general purpose devices like Flipper Zero hampers security research and technological development
ALPHV/BlackCat gang vanishes amid ransomware 'turmoil' | Computer WeeklyALPHV/BlackCat ransomware crew shut down server infrastructure amid allegations of stealing millionsNo law enforcement action involved in the takedown according to National Crime Agency report
New SnailLoad Attack Exploits Network Latency to Spy on Users' Web ActivitiesSnailLoad is a new side-channel attack that can remotely infer a user's web activity by exploiting network latency, without needing to be in proximity or conduct AitM attacks.