The flaw in the Jetson Linux component of the JetPack SDK impacts devices such as the Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series, and Jetson Nano.

OSC&R report reveals that 95% organizations face high software supply chain risks. Despite advancements in application security programs, more work is needed to manage risks effectively.

An unidentified threat actor is taking advantage of the recent Falcon Sensor update issues to distribute fake installers via a fraudulent website impersonating a German entity.

Least privilege begins by addressing dormant user accounts and then scrutinizing access privileges, using Context-based access control (CBAC), Attribute-based access control (ABAC), and Role-based access control (RBAC) to determine user access.

Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner.

The US has indicted a North Korean state hacker for ransomware attacks on hospitals and healthcare companies. The hacker, Rim Jong Hyok, is a member of the Andariel Unit within North Korea’s intelligence agency.

The malicious Chrome extension campaign in LATAM involves infecting victims through phishing websites and installing rogue extensions to steal sensitive information. The extensions mimic Google Drive, giving them access to a wide range of user data.

FortiGuard Labs Threat Research team has identified a fraud campaign targeting India Post users on social media, specifically iPhone users through smishing attacks. The Smishing Triad, a Chinese threat actor, is believed to be behind this campaign.

The issue originates from a test Secure Boot key provided by American Megatrends International (AMI) that was not replaced by OEMs, resulting in devices shipping with untrusted keys.