As a loooong-time F1 fan and a breach blogger, of course I had to read this report on hacking F1. Introduction With security startups getting flooded with VC funding in the past few years, some of the biggest networking events have centered themselves around the Formula 1 Grand Prix. Companies like CrowdStrike and Darktrace spend…
Tag: vulnerability
7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code
Divya reports: A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the recently released version 25.01 and stems from improper handling of symbolic links…
AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
In November 2022, the All India Institute of Medical Sciences (“AIIMS“) reportedly suffered a ransomware attack. They may have just escaped another incident thanks to the responsible disclosure of a vulnerability found by a researcher. Ashish Khaitan reports: A critical vulnerability in the AIIMS portal exposed highly sensitive data of voluntary organ and tissue donors…
New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Waqas reports: TeleMessage SGNL, a made-in-Israel clone of the Signal app used by US government agencies and regulated businesses, has been found running with an outdated configuration that exposes sensitive internal data to the internet, no login required. The main cause of the problem is how some deployments of TeleMessage SGNL are using older versions…
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Connor Jones reports: Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL)….
Hacking Verizon Call Records: A Security Breach with National Security Implications
Kirsten Doyle reports: Security researcher Evan Connelly recently identified a security vulnerability in the Verizon Call Filter iOS app which made it possible for a malicious actor to leak call history logs of Verizon Wireless customers. Call logs can be highly valuable, particularly for nation-states, as they enable intelligence agencies to map social networks, track high-value targets, figure…