"TellYouThePass Ransomware Exploits Recent PHP RCE Flaw to Breach Servers"

The "TellYouThePass" ransomware group has been using PHP's recently patched Remote Code Execution (RCE) vulnerability to deliver web shells and execute the encryptor payload. Attacks began on June 8, less than 48 hours after PHP's maintainers released security updates, using publicly available exploit code. The TellYouThePass group quickly adopts public exploits for high-impact vulnerabilities. Last November, the gang used an Apache ActiveMQ RCE in attacks, and in December 2021, they adopted the Log4j exploit.

Submitted by grigby1 CPVI on

"Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers"

Redfox Security warns that discontinued Netgear WNR614 routers contain vulnerabilities that enable attackers to bypass authentication, intercept communications, and steal credentials. Six flaws were discovered in the Netgear WNR614 N300 router model running the latest available firmware version. The first flaw discovered by Redfox Security lets attackers bypass the device's authentication mechanism and access the administrative interface.

Submitted by grigby1 CPVI on

"Apple Patches Vision Pro Vulnerability Used in Possibly First Ever Spatial Computing Hack"

Apple recently updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product.  The company noted that the update patches nearly two dozen vulnerabilities.  However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS.

Submitted by Adam Ekwall on

"Arm Warns of Exploited Kernel Driver Vulnerability"

British semiconductor giant Arm has recently warned customers about a memory safety bug in Mali GPU kernel drivers that has been exploited in the wild.  The vulnerability is tracked as CVE-2024-4610 and is a use-after-free issue that could be exploited by local users to make improper GPU memory processing operations.  The company noted that successful exploitation of the flaw allows a non-privileged attacker to access previously freed memory.  According to Arm, CVE-2024-4610 impacts the Bifrost and Valhall GPU kernel drivers.

Submitted by Adam Ekwall on

"Gang of AI Bots Can Hack Websites With a 53% Success Rate, Researchers Show"

Researchers from the University of Illinois Urbana-Champaign found that GPT-4-powered teams of bots can scan websites for zero-day vulnerabilities and attack them with 53 percent success. According to the researchers, Large Language Models (LLMs) can collaborate and work more effectively than a single chatbot instance in exploiting real-world vulnerabilities. Their paper shows up to a 4.5 times improvement over a standalone Artificial Intelligence (AI) agent.

Submitted by grigby1 CPVI on

"Commonwealth Cyber Initiative Funds 11 Inclusive Cybersecurity Projects"

A new Commonwealth Cyber Initiative (CCI)-funded inclusive cybersecurity program in Virginia is helping people feel safer and more secure on computer networks and other devices. CCI awarded 11 projects for its 2024 Addressing Inclusion and Accessibility in Cybersecurity Program.

Submitted by grigby1 CPVI on

"Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs"

Cisco's Talos research and threat intelligence unit found 15 vulnerabilities impacting AutomationDirect’s Productivity series Programmable Logic Controllers (PLCs). The vulnerabilities are all classified as being of high or critical severity. They can be exploited for Remote Code Execution (RCE) or Denial-of-Service (DoS) attacks, potentially disrupting industrial environments and causing significant costs.

Submitted by grigby1 CPVI on

"IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers"

According to Forescout's "The Riskiest Connected Devices in 2024" report, the number of Internet of Things (IoT) devices with vulnerabilities has increased by 136 percent. The study, involving the analysis of data from about 19 million devices, discovered that the proportion of IoT devices containing vulnerabilities increased from 14 percent in 2023 to 33 percent in 2024. Wireless access points, routers, printers, and IP cameras were the most vulnerable IoT devices. This article continues to discuss key findings from Forescout's report on the riskiest connected devices.

Submitted by grigby1 CPVI on

"Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft"

Security researchers at Huntr discovered a critical-severity vulnerability in the PyTorch machine learning library that could be exploited for remote code execution.  The vulnerability CVE-2024-5480 impacts the distributed RPC (Remote Procedure Call) framework of PyTorch.  The researchers said that the issue exists because the framework does not verify the functions called during RPC operations.

Submitted by Adam Ekwall on

"Threat Actor Claims to Leak 270GB of New York Times Data"

An anonymous threat actor has recently posted what they claim to be 270GB of source code stolen from the New York Times.  The alleged leak was first spotted by security researchers at vx-underground.  The researchers believe the actor targeted the New York Times’ GitHub account.

Submitted by Adam Ekwall on