security researcher
Coverage of security researcher in the Nexus archive.
- Security researcher finds Zcash vulnerability allowing ‘unlimited’ counterfeit minting; ZEC drops 31%
A security researcher discovered a Zcash vulnerability enabling unlimited counterfeit minting, leading to a 31% drop in ZEC's value. The vulnerability was fixed within days, with findings suggesting actual exploitation is unlikely.
- GitHub bans security researcher who posted zero-day Windows exploits
GitHub has banned a security researcher for posting zero-day Windows exploits, with the researcher claiming the action was vindictive and detrimental to their life, and vowing further retaliation. The article highlights the researcher's assertion that GitHub's decision ruined their life and promises of additional retaliation.
- Google API Keys Remain Active After Deletion
A security researcher discovered that Google API keys remain active for approximately 23 minutes after deletion, contradicting Google's claim of immediate deletion. This delay poses a potential security risk as deleted keys can still be used to access cloud resources during the grace period.
- Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher disclosed three vulnerabilities in Windows Defender along with exploit code. Hackers are now exploiting these flaws in real-world attacks, as reported by a cybersecurity firm.
- Ghost breaches: How AI-mediated narratives have become a new threat vector
AI-generated narratives are creating fictional data breaches and resurrecting old incidents, causing real-world crises for companies. These fabricated stories, complete with technical details and false quotes, trigger costly investigations and defensive actions, exposing a new threat vector in cybersecurity.
- AI agents found vulns in this popular Linux and Unix print server
A security researcher and AI agents discovered two vulnerabilities in the CUPS print server, allowing unauthenticated remote code execution and root access. The flaws could enable attackers to overwrite files and execute arbitrary code on affected systems.