#CISA orders feds to patch actively exploited #Geoserver flaw

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection at...

#cybersecurity

The New Oil 4 weeks ago

#MITRE shares 2025's top 25 most dangerous software weaknesses

BleepingComputer

MITRE shares 2025's top 25 most dangerous software weaknesses

MITRE has shared this year's top 25 list of the most dangerous software weaknesses behind over 39,000 security vulnerabilities disclosed betwe...

#cybersecurity

The New Oil 4 weeks ago

How online search and #AI can install #malware

The Eclectic Light Company

How online search and AI can install malware

I asked Google how I could clear disk space on macOS, and it couldn’t have been more helpful. But what I was told to do downloaded malware to...

#cybersecurity

The New Oil 4 weeks ago

#World launches its ‘super app,’ including #crypto pay and encrypted chat features

TechCrunch

World launches its 'super app,' including crypto pay and encrypted chat features | TechCrunch

Tools for Humanity, the company behind the app, is seeking to expand its "real human network."

#privacy #cybersecurity #biometrics

The New Oil 4 weeks ago

Warnings Mount in #Congress Over Expanded US #Wiretap Powers

WIRED

Warnings Mount in Congress Over Expanded US Wiretap Powers

Experts tell US lawmakers that a crucial spy program’s safeguards are failing, allowing intel agencies deeper, unconstrained access to Americans�...

#politics #privacy #surveillance #MassSurveillance

The New Oil 4 weeks ago

Hackers exploit #Gladinet #CentreStack cryptographic flaw in RCE attacks

BleepingComputer

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet's CentreStac...

#cybersecurity #Triofox

The New Oil 4 weeks ago

Notepad++ fixes flaw that let attackers push malicious update files

BleepingComputer

Notepad++ fixes flaw that let attackers push malicious update files

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which t...

#cybersecurity #FOSS #NotepadPlusPlus

The New Oil 4 weeks ago

Malicious #VSCode Marketplace extensions hid trojan in fake PNG file

BleepingComputer

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside de...

#cybersecurity #image #malware

The New Oil 4 weeks ago

The New Oil is entirely supported by readers. If you get value out of this project, please consider supporting us if you can.

The New Oil | Support

Data is the new oil

#privacy #cybersecurity

The New Oil 4 weeks ago

Doxers Posing as #Cops Are Tricking Big Tech Firms Into Sharing People’s Private Data

WIRED

Doxers Posing as Cops Are Tricking Big Tech Firms Into Sharing People’s Private Data

A spoofed email address and an easily faked document is all it takes for major tech companies to hand over your most personal information.

#privacy #dox #doxing #doxxing #police