Tag: security
Lovense adult toy app leaks private user email addresses – what we know, and how to stay safe if you’re affected
Researchers found a way to extract email addresses from Lovense user accounts A mitigation was released, but allegedly it’s not working as intended The company claims it still needs months before plugging the leak Lovense, a sex tech company specializing in smart, remotely controlled adult toys, had a vulnerability in…
Read More
Hacker adds potentially catastrophic prompt to Amazon’s AI coding service to prove a point
A rogue prompt told Amazon’s AI to wipe disks and nuke AWS cloud profiles Hacker added malicious code through a pull request, exposing cracks in open source trust models AWS says customer data was safe, but the scare was real, and too close A recent breach involving Amazon’s AI coding…
Read More
Endgame Gear warns mouse config tool has been infected with malware
Endgame Gear software hijacked to serve malware Attack spotted by the company’s community Endgame is making significant changes to prevent repeat occurrences Gaming kit maker Endgame Gear has confirmed it was the victim of a supply chain attack which saw unidentified threat actors break into its website and replace a…
Read More
ByteDance AI tool Trae caught spying on users
Data continues to go back to Chinese servers even with telemetry off Hardware and OS specs, mouse/keyboard activity and more Trae memory usage is 3x higher than Cursor A developer has taken to GitHub to warn that ByteDance’s Trae AI-powered IDE has been collecting data from users and sending it…
Read More
Top ransomware group BlackSuit has dark web extortion sites seized and shut down
Numerous law enforcement agencies banded together to disrupt BlackSuit The ransomware operators had multiple websites seized No arrests had been made Notorious ransomware operator BlackSuit has had its infrastructure disrupted by a major law enforcement campaign. As part of the action, BlackSuit’s main website, accessed through The Onion Router (TOR),…
Read More
Dangerous WordPress plugin puts over 160,000 sites at risk – here’s what we know
Older versions of Post SMTP allowed hackers to read all emails They could also reset the admin password and read the notification email, gaining access to the account More than 160,000 WordPress sites are running the vulnerable version A popular WordPress plugin with hundreds of thousands of active installations carried…
Read More