Chrome version 120 includes 10 bug fixes, with two of them being highly critical security patches. The high-ranked security vulnerabilities include “Use after free” exploits in Media Stream and Side Panel Search.

A Cambridge NHS trust has admitted to two historic data breaches, involving the accidental disclosure of patient data while responding to Freedom of Information requests.

The vulnerability, which impacts the Syrus4 IoT gateway made by Digital Communications Technologies (DCT), gives hackers access to the software and commands used to manage thousands of vehicles.

The BlackSuit ransomware group was able to hack into two servers belonging to the school district, impacting Windows devices, file services, printers, and copiers. Phones were not impacted.

The SLAM attack exploits hardware features in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from kernel memory, highlighting potential security vulnerabilities.

Over 3,800 PACS servers across 110 countries are unintentionally exposing the private data of 16 million patients, including names, addresses, and even Social Security numbers.

The breach was first detected in 2015, but it is still unclear if the malware has been fully eliminated. The compromised systems may have affected sensitive activities such as handling radioactive waste and monitoring for leaks or fires.

Scammers are exploiting the need for loans for Christmas spending, leading to a surge in loan fee fraud – a type of scam where victims are promised loans they never receive, whilst being tricked into paying an upfront charge as a ‘deposit’ or ‘fee.’

The ENISA Threat Landscape for DoS Attacks report provides insights into the motivations, goals, and impacts of DoS attacks, highlighting the need for organizations to enhance their defenses and prepare prevention and remediation strategies.

In one recent case, attackers sent auto-generated emails with attached PDFs personalized with the recipient’s name, detailing an inflated charge for a Disney+ subscription.