Skip to content
The Nexus
DossierENTITY

security vulnerability

Coverage of security vulnerability in the Nexus archive.

Earliest in view: Mar 31 · 20:26 UTCMost recent: Jul 8 · 11:51 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 8 · 11:51 UTCTHE HACKER NEWS
    GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

    Research reveals that GitHub's 'Verified' commits can be altered to create new hashes with identical files, author, and date while maintaining valid signatures. This undermines the assumption that a commit's hash is unique, as GitHub still verifies the altered commit despite the hash change.

  • SECURITYApr 30 · 19:36 UTCTECHCRUNCH
    Hackers are actively exploiting a bug in cPanel, used by millions of websites

    Hackers are actively exploiting a critical vulnerability in cPanel, a web hosting platform used by millions of websites. Web hosts are urgently working to address the issue, with one company reporting that the bug has been abused by attackers for months.

  • SECURITYApr 30 · 16:43 UTCHACKER NEWS
    CopyFail Was Not Disclosed to Distros

    A security vulnerability named CopyFail was not disclosed to Linux distributions, raising concerns about transparency in open-source security practices. The issue was discussed on OpenWall's security mailing list and gained traction on Hacker News with 93 points and 30 comments.

  • SECURITYApr 30 · 05:07 UTCHACKER NEWS
    Copy Fail: 732 Bytes to Root on Every Major Linux Distribution

    The article discusses a critical security vulnerability in major Linux distributions, where a 732-byte exploit allows unauthorized root access. The post is from xint.io's blog and is discussed on Hacker News.

  • SECURITYApr 27 · 16:26 UTCR/CRYPTOMARKETS
    Deepfake Call Tricks Cardano Dev, Exposes New Weak Spot

    A deepfake phone call successfully tricked a Cardano developer, exposing a new security vulnerability in the cryptocurrency's infrastructure. The incident highlights the risks of social engineering attacks targeting blockchain developers.

  • SECURITYApr 24 · 19:30 UTCHACKER NEWS
    My audio interface has SSH enabled by default

    The Rodecaster Duo audio interface has SSH enabled by default, raising potential security concerns. This default configuration could expose devices to unauthorized access if not properly secured.

  • SECURITYApr 17 · 10:52 UTCDAILY MAIL US
    Is YOUR phone safe? Facial recognition on 21 popular devices can be easily spoofed with printed photos, tests reveal - so, is yours on the list?

    A test revealed that facial recognition on 21 popular devices can be easily spoofed using printed photos, raising concerns about smartphone security. The findings highlight potential vulnerabilities in biometric authentication systems.

  • SECURITYApr 16 · 08:00 UTCTHE REGISTER
    Server-room lock was nothing but a crock

    The article criticizes a security vulnerability caused by inadequate physical security measures, specifically an unlocked server room, leading to a breach. It highlights the importance of physical security as a critical component of overall cybersecurity.

  • SECURITYApr 9 · 17:26 UTCTHE HACKER NEWS
    EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs

    A security vulnerability in the EngageLab SDK, used by Android apps, allowed unauthorized access to private data by bypassing Android's security sandbox. The flaw affected 50 million Android users, including 30 million cryptocurrency wallet installations, but has since been patched.

  • SECURITYMar 31 · 20:26 UTCDARK READING
    Google's Vertex AI Is Over-Privileged. That's a Problem

    Researchers from Palo Alto Networks discovered a critical security flaw in Google's Vertex AI, allowing attackers to exploit over-privileged AI agents for data theft and unauthorized access to restricted cloud infrastructure. The vulnerability highlights significant risks in AI-driven cloud systems.

security vulnerability · Dossier · The Nexus