Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: attack Clear Filter

New Linux udisks flaw lets attackers get root on major Linux distros

bleepingcomputer.com Unknown 2026-03-10 17:45:36

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. The first flaw (tracked as CVE-2025-6018) was found in the configuration of the Pluggable Authentication Modules (PAM) framework on openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing local attackers to gain the privileges of the "allow_active" user. The other security bug (CVE-2025-6019) was discovered in libblockdev, and it enab

Topics: attackers gain linux qualys root
Read More
Shop Amazon

Sitecore CMS exploit chain starts with hardcoded 'b' password

bleepingcomputer.com Unknown 2026-03-12 07:10:35

A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. Sitecore is a popular enterprise CMS used by businesses to create and manage content across websites and digital media. Discovered by watchTowr researchers, the pre-auth RCE chain disclosed today consists of three distinct vulnerabilities. It hinges on the presence of an internal user (sitecore\ServicesAPI) with a hardcoded pa

Topics: attacker path sitecore upload watchtowr
Read More
Shop Amazon

As grocery shortages persist, UNFI says it’s recovering from cyberattack

techcrunch.com Zack Whittaker 2026-03-14 15:15:49

Food distribution giant United Natural Foods (UNFI) said it is making “significant progress” in recovering from a cyberattack that occurred almost two weeks ago, as grocery stores across North America reliant on the distributor continue to report food shortages. UNFI said in an update on Sunday that it was restoring its electronic ordering systems, which its customers use to place orders for their grocery stores and supermarkets. The company, which provides more than 30,000 stores across the U

Topics: cyberattack foods stores techcrunch unfi
Read More
Shop Amazon

WestJet investigates cyberattack disrupting internal systems

bleepingcomputer.com Unknown 2026-03-15 00:34:10

WestJet, Canada's second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. "WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users," reads a security advisory on WestJet's site. "We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts." "We are

Topics: access attack internal services westjet
Read More
Shop Amazon

Trend Micro fixes critical vulnerabilities in multiple products

bleepingcomputer.com Unknown 2026-03-18 03:31:54

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. The security vendor underlines that it has seen no evidence of active exploitation in the wild for any of them. However, immediate application of the security updates is recommended to address the risks. Trend Micro Endpoint Encryption PolicyServer is a central managemen

Topics: attackers authentication code pre remote
Read More
Shop Amazon

Fog ransomware attack uses unusual mix of legitimate and open-source tools

bleepingcomputer.com Unknown 2026-03-19 19:45:14

Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. The Fog ransomware operation was first observed last year in May leveraging compromised VPN credentials to access victims’ networks. Post-compromise, they used “pass-the-hash” attacks to gain admin privileges, disabled Windows Defender, and encrypted all files, including virtual machine storage. Later, the threat group was observed

Topics: attack attacks ransomware tool used
Read More
Shop Amazon

SmartAttack uses smartwatches to steal data from air-gapped systems

bleepingcomputer.com Unknown 2026-03-19 12:08:00

A new attack dubbed 'SmartAttack' uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. Air-gapped systems, commonly deployed in mission-critical environments such as government facilities, weapons platforms, and nuclear power plants, are physically isolated from external networks to prevent malware infections and data theft. Despite this isolation, they remain vulnerable to compromise through insider threats such as rogue em

Topics: air data gapped signal smartattack
Read More
Shop Amazon

Onimusha: Way of the Sword brings Japanese cinematic royalty to the samurai fantasy series

engadget.com Unknown 2026-03-19 15:00:07

While the surprise of a new Resident Evil might have been Capcom's biggest story at SGF, it’s got other series – and other sequels – to show off, like Onimusha. Previously a banner PS2 series, Onimusha spanned four mainline games between 2001 and 2006. We’ve since seen remastered editions of the first two episodes. Still, a true sequel was long overdue, especially after games like Sekiro and Ghost of Tsushima showed a renewed appetite for feudal Japan swordplay. Through a theater presentation d

Topics: attacks gauntlet like musashi onimusha
Read More
Shop Amazon

Brute-force attacks target Apache Tomcat management panels

bleepingcomputer.com Unknown 2026-03-19 14:27:36

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. Tomcat is a popular open-source web server widely used by large enterprises and SaaS providers, while Tomcat Manager is a web-based administration tool that comes bundled with the Tomcat server and helps admins manage deployed web apps via a graphical interface. Tomcat Manager is configured by default to only allow access from localhost (127.0.0.1), with

Topics: activity attacks exposed manager tomcat
Read More
Shop Amazon

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

bleepingcomputer.com Unknown 2026-03-19 17:48:50

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction. The attack was devised by Aim Labs researchers in January 2025, who reported their findings to Microsoft. The tech giant assigned the CVE-2025-32711 identifier to the information disclosure flaw, rating it critical, and fixed it server-side in May, so no user action is required. Also, Microsoft no

Topics: attack data echoleak llm microsoft
Read More
Shop Amazon

New NailaoLocker ransomware used against EU healthcare orgs

bleepingcomputer.com Unknown 2025-11-13 12:00:00

A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. The attacks exploited CVE-2024-24919, a Check Point Security Gateway vulnerability, to gain access to targeted networks and deploy the ShadowPad and PlugX malware, two families tightly associated with Chinese state-sponsored threat groups. Orange Cyberdefense CERT links the attacks to Chinese cyber-espionage tactics, though there

Topics: attacks nailaolocker orange ransom ransomware
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3636 apple 3006 new 2395 google 2022 content 1726
Popular
like 1493 company 1421 pro 1315 iphone 1153 app 1128 zdnet 1106 said 1062 data 1049 does 905 reviews 890
Emerging
editorial 869 amazon 857 game 808 samsung 777 phone 764 pixel 757 android 741 just 717 users 685 available 682
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]