A critical security flaw has been disclosed in theΒ llama_cpp_pythonΒ Python package that could be exploited by threat actors to achieve arbitrary code execution.
Tracked asΒ CVE-2024-34359Β (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx.
"If exploited, it could allow attackers to execute arbitrary code on your system,
Β Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system.
"Deprecating NTLM has been a huge ask from our security community as it will strengthen user authentication, and deprecation is planned in the second half of 2024," the
The U.S. Cybersecurity and Infrastructure Security Agency (CISA)Β on MondayΒ addedΒ a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The flaw, tracked asΒ CVE-2023-43208Β (CVSS score: N/A), concerns a case of unauthenticated remote code execution arising from an incomplete
Cybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit that could be exploited to achieve denial-of-service (DoS), information disclosure, or remote code execution.
TheΒ vulnerability,Β tracked asΒ CVE-2024-4323, has been codenamed Linguistic Lumberjack by Tenable Research. It impacts versions from 2.0.7 through
An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively.
Cybersecurity firm Check Point is tracking the activity under the monikerΒ Void Manticore, which is also known asΒ Storm-0842Β (formerly DEV-0842) by
Login
