A wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers, with attackers abusing their APIs to send phishing SMS messages. These campaigns primarily target Belgian users.

Researchers have uncovered a novel technique to bypass Address Space Layout Randomization (ASLR) in Apple devices by exploiting deterministic behaviors in the NSKeyedArchiver and NSKeyedUnarchiver serialization frameworks.

A critical vulnerability (CVE-2022-3079) has been identified in Festo CPX-CEC-C1 and CPX-CMXX control blocks. This flaw allows unauthenticated, remote access to critical webpage functions, potentially resulting in a denial of service (DoS).

A significant data breach has compromised RemoteCOM, a US-based surveillance provider, exposing highly sensitive data of nearly 14,000 individuals under court supervision and 6,896 law enforcement personnel.

A critical vulnerability in Tesla’s TCU allowed attackers with physical access to gain root-level code execution. The flaw has been patched via an over-the-air (OTA) update.

A recent cybersecurity incident at Canadian airline WestJet has resulted in the exposure of sensitive customer data, including passport and government-issued ID information. The breach has been confirmed to involve personal data exfiltration.

A new phishing and malware distribution toolkit named MatrixPDF has emerged, enabling threat actors to weaponize PDF files for credential theft and malware delivery. It embeds JS actions that execute when a document is opened.

A newly disclosed hardware-based attack, dubbed Battering RAM, enables attackers to bypass memory encryption protections in Intel SGX and AMD SEV-SNP technologies. It leverages a low-cost DDR4 interposer to manipulate memory access.

The British government announced it is underwriting a loan for auto manufacturer Jaguar Land Rover (JLR) as the company and its supply chain attempt to recover from the disruption caused by a cyberattack earlier this month.

Cybersecurity correspondent Joe Tidy revealed in a story on the BBC that the hackers wanted to use his laptop to breach the British public-service broadcaster's network and then ask for a ransom.