03 December 2023
Apple Patches WebKit Flaws Exploited on Older iPhones
Apple's security team warns of exploited flaws (CVE-2023-42916 and CVE-2023-42917) in iOS versions before iOS 16.7.1, emphasizing the need for immediate updates.
OpenAI’s Custom Chatbots Are Leaking Their Secrets
OpenAI's GPTs, allowing easy creation of custom chatbots, face security concerns due to exposed data. Despite not needing coding knowledge, vulnerabilities in these systems risk data exposure.
Notepad++ Input Validation Flaws Lead to Uncontrolled Search Path Vulnerability
Notepad++ has an uncontrolled search path vulnerability that threat actors could exploit, allowing unauthorized access to an untrusted search path. A patch is awaited.
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
A Russian individual has been convicted for involvement in developing and deploying TrickBot malware in the U.S., highlighting legal actions against cybercriminals.
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations across various sectors in the Middle East, Africa, and the U.S. are targeted by an unknown threat actor deploying the Agent Racoon backdoor, displaying nation-state-aligned characteristics.
New SugarGh0st RAT Delivered via Malicious Windows Shortcut & JavaScript
Hackers are leveraging Remote Access Trojans (RATs) like SugarGh0st, enabling unauthorized access and control over victim computers while operating discreetly.