Written by 
“I cannot believe that we’re seeing command injection vulnerabilities in 2024 in any products, let alone a secure remote access product that’s supposed to have additional vetting for use by the US government,” says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy and a former NSA hacker. “They are […]
Every year has its own mix of digital security debacles, from the absurd to the sinister, but 2024 was particularly marked by hacking sprees in which cybercriminals and state-backed espionage groups repeatedly exploited the same weakness or type of target to fuel their frenzy. For attackers, the approach is ruthlessly efficient, but for compromised institutions—and […]
Synology patches critical zero-click vulnerabilities in NAS devices Attackers can exploit vulnerabilities without user interaction $260,000 was awarded to researchers for discovering exploits Synology has recently patched a critical security flaw in its NAS device products which could have allowed hackers to hijack victim units. The company released two advisories to notify users about patched […]
In recent years, commercial spyware has been deployed by more actors against a wider range of victims, but the prevailing narrative has still been that the malware is used in targeted attacks against an extremely small number of people. At the same time, though, it has been difficult to check devices for infection, leading individuals […]
US semiconductor giant Intel said it would expand its chip packaging and testing base in Chengdu, in a show of commitment to the mainland market despite a recent call by a Beijing-backed cybersecurity group to review the company’s products. In addition to enlarging packaging and testing capacity for server chips, the facility will also establish […]