Articles tagged "Intel"

Found 12 articles

A serious vulnerability in the Linux Kernel-based Virtual Machine (KVM) has been discovered, allowing attackers to potentially escape from a virtual machine (VM) to the host system. This flaw, which is 16 years old, affects both Intel and AMD systems. Security researcher Hyunwoo Kim reported that the issue is a use-after-free vulnerability, enabling malicious code running in a guest VM to corrupt the memory of the host kernel. The implications are significant, as it could allow unauthorized access to sensitive data or control over the host. Organizations using affected systems should take immediate action to assess their vulnerability and apply necessary patches to safeguard their environments.

Read Original

A vulnerability in the Linux KVM hypervisor has been discovered, allowing guest virtual machines (VMs) to escape and potentially compromise the host system. This flaw, identified as CVE-2026-53359 and nicknamed 'Januscape,' arises from a use-after-free bug within the shadow MMU code that is utilized by both Intel and AMD x86 architectures. Researchers have demonstrated a proof-of-concept that can crash the host machine, raising concerns about the security of virtualized environments. The existence of an unreleased exploit that could further exploit this vulnerability has also been claimed, suggesting that the risk is significant. Organizations using Linux KVM on affected systems should take immediate precautions to secure their environments.

Read Original

A recent warning from the intelligence agencies of the Five Eyes alliance—comprising Australia, Canada, New Zealand, the United Kingdom, and the United States—indicates that advanced AI models are set to transform the field of cybersecurity at an accelerated pace. Experts believe that these frontier AI technologies could change how cybersecurity threats are identified and mitigated. The rapid evolution of AI capabilities may outstrip current defenses, making organizations more vulnerable to attacks. This shift is concerning for businesses and individuals alike, as it could lead to more sophisticated cyber threats that are harder to detect and counter. Stakeholders in cybersecurity need to adapt quickly to these changes to protect sensitive information effectively.

Read Original

A new threat group, referred to as Operation Escaneo, has emerged in Latin America, displaying a unique approach to cyberattacks. This group appears to blend opportunistic monetization with intelligence gathering, often without coordinated efforts between the two activities. This dual focus raises concerns about the potential for more disruptive attacks, as the group may exploit vulnerabilities for financial gain while simultaneously collecting valuable information. The implications of this strategy could affect various sectors in the region, particularly as attackers may target organizations without prior notice. Companies need to be vigilant and enhance their cybersecurity measures to defend against such evolving threats.

Read Original
Actively Exploited

Google's threat intelligence team has identified a new extortion group known as UNC6783, which appears to be linked to the Raccoon persona. This group is specifically targeting Business Process Outsourcing (BPO) companies and helpdesk services, indicating a shift in focus towards sectors that handle sensitive customer data. The group's tactics may involve ransomware or other extortion methods, which poses significant risks to affected organizations. Companies in the BPO sector should be vigilant and enhance their security measures to protect against potential breaches and data leaks. As this threat evolves, understanding the methods and motivations behind it will be crucial for businesses in these industries.

Read Original
Critical
Dutch Intel Warns of Russian Hackers Hijacking Signal, WhatsApp Attacks

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Dutch intelligence agencies have issued a warning about Russian hackers who are targeting Signal and WhatsApp accounts. These attackers are using fake support bots and scams that trick users into providing verification codes. The primary targets of these scams are officials and journalists, raising concerns about the potential for unauthorized access to sensitive communications. This incident highlights the ongoing risks posed by cybercriminals and the need for users to be vigilant when managing their online accounts. As these platforms are commonly used for secure communication, any compromise could have serious implications for privacy and security.

Read Original

A recent security audit conducted by Google and Intel has uncovered a serious vulnerability in the Trusted Execution Environment (TDX) that could allow attackers to fully compromise affected systems. This issue affects various products utilizing TDX technology, which is designed to enhance security by isolating sensitive data. The discovery of this vulnerability raises significant concerns for organizations relying on TDX for data protection, as it could lead to unauthorized access and data breaches. Companies using affected systems should prioritize investigation and remediation efforts to safeguard their environments. As of now, there is no indication of this vulnerability being actively exploited in the wild, but the potential for future attacks remains a pressing concern.

Read Original
Actively Exploited

Threat intelligence experts have issued a warning that cybercriminals are actively seeking out misconfigured proxy servers to exploit access to application programming interfaces (APIs) used by various large language models (LLMs). This tactic allows attackers to manipulate these models for malicious purposes, potentially leading to unauthorized data access or the generation of harmful content. Organizations that utilize LLMs need to ensure their proxy servers are correctly configured to prevent exploitation. If left unchecked, these vulnerabilities could allow attackers to compromise sensitive information or disrupt services. It's crucial for companies to take proactive measures to secure their systems against this emerging threat.

Read Original

The React2Shell vulnerability is currently being exploited by cybercriminals to install malware on Linux systems. Researchers from Palo Alto Networks and NTT Security have identified that this vulnerability facilitates the deployment of malicious tools like KSwapDoor and ZnDoor. KSwapDoor is particularly concerning as it is a sophisticated remote access tool designed to operate stealthily, allowing attackers to maintain control over compromised systems without detection. This ongoing threat affects organizations running vulnerable Linux environments, making it crucial for them to take immediate action to secure their systems. Users need to be aware of the risks and ensure their defenses are updated to mitigate potential attacks.

Read Original
Critical
Over 70 Domains Used in Months-Long Phishing Spree Against US Universities

Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

Actively Exploited

A phishing campaign utilizing the Evilginx kit has targeted 18 US universities, successfully bypassing Multi-Factor Authentication (MFA) to steal credentials over a period from April to November 2025. The severity of the threat highlights the vulnerabilities in MFA systems and the need for enhanced security measures in educational institutions.

Read Original

The article reports on a joint investigation revealing a remote IT worker infiltration scheme linked to North Korea's Lazarus Group. This scheme highlights the persistent threat posed by state-sponsored cyber actors, emphasizing the need for heightened awareness and security measures against such infiltration tactics.

Read Original

Researchers have developed a low-cost device that successfully bypasses the memory encryption protections implemented by AMD and Intel, exposing significant vulnerabilities in scalable memory encryption systems. This discovery raises serious concerns regarding the integrity and confidentiality of data processed by these chipmakers' technologies.

Read Original