Ars Technica

Exim Vulnerability Affecting 1.5M Servers Lets Attackers Attach Malicious Files

Security researchers have identified a critical vulnerability affecting over 1.5 million Exim email servers, making them vulnerable to attacks that can deliver executable attachments to user accounts.

384,000 sites pull code from sketchy code library recently bought by Chinese firm

Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.

Critical Severity Bug With Very Simple Exploit Hits PHP Just in Time for the Weekend

Attackers can use this vulnerability to bypass the protection put in place for a previous critical code execution vulnerability and remotely execute arbitrary code on vulnerable machines.

Dangerous Scammers From the Yahoo Boys Group Operate Openly on Social Media

The Yahoo Boys, a group of scammers primarily based in West Africa, openly operate on various social media platforms like Facebook, WhatsApp, and Telegram, engaging in fraudulent activities that range from romance fraud to business email compromise.

Novel TunnelVision Attack Impacts Virtually All VPN Apps Through DHCP Server Manipulation

The TunnelVision attack is a newly discovered method that can compromise the security of most Virtual Private Network (VPN) applications by diverting traffic away from the encrypted tunnel, exposing it to potential interception.

Missouri County Declares State of Emergency Amid Suspected Ransomware Attack

The systems confirmed inoperable include tax and online property payments, issuance of marriage licenses, and inmate searches. In response, the Assessment, Collection and Recorder of Deeds offices at all county locations were closed.

GitHub Besieged by Millions of Malicious Repositories in Ongoing Attack

The attack involves the automated forking of legitimate repositories, resulting in millions of malicious forks with names identical to the original ones, making detection and removal challenging for GitHub.

OpenAI Says Mysterious Chat Histories Resulted From Account Takeover

ChatGPT users' private conversations were leaked due to unauthorized logins from a different location, highlighting the need for better security measures such as 2FA and IP tracking.

Update: In Major Lapse, Hacked Microsoft Test Account was Assigned Admin Privileges

The hackers who recently broke into Microsoft’s network and monitored top executives’ email for two months did so by gaining access to an aging test account with administrative privileges, a major lapse on the company's part, a researcher said.

Researcher Uncovers Massive Password Dump Containing 71 Million Unique Credentials

A massive data tranche containing nearly 71 million unique credentials, including 25 million previously unseen passwords, has been circulating on the internet for at least four months.
