🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
10 AprIncomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container EscapesCybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a…THEHACKERNEWS.COM
10 AprIncomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical RisksA previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.TRENDMICRO.COM
⚠️ VULNERABILITY DISCLOSURE 4[−]
10 AprEuropol Arrests Five SmokeLoader Clients Linked by Seized Database EvidenceLaw enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,'…THEHACKERNEWS.COM
10 AprAkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA ProtectionsCybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO…THEHACKERNEWS.COM
10 AprCISA Releases Ten Industrial Control Systems AdvisoriesCISA released ten Industrial Control Systems (ICS) advisories on April 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-100-01 Siemens License Server ICSA-25-100-02 Siemens SIDIS Prime ICSA…CISA.GOV
10 AprSecurity audit of PHP-SRCThe Open Source Technology Improvement Fund, Inc , thanks to funding provided by Sovereign Tech Fund , engaged with Quarkslab to perform a security audit of PHP-SRC , the interpreter of the PHP language.QUARKSLAB.COM
📢 SECURITY ADVISORIES 2[−]
10 AprTrump orders federal investigation into former CISA director Chris KrebsTrump fired Krebs by tweet in 2020 after he publicly debunked Trump's false claims of election fraud.TECHCRUNCH.COM
10 AprWide World of Cyber: How the Trump admin is changing the cybersecurity landscapeIn this podcast, Patrick Gray chats with SentinelOne’s Chris Krebs and Alex Stamos about the huge changes afoot in the United States government and what they mean for the threat environment. From the director of NSA being fired to massive job cuts at CISA and huge foreign policy …RISKY.BIZ
🔥 INCIDENT REPORTING 1[−]
10 AprGamaredon Uses Infected Removable Drives to Breach Western Military Mission in UkraineThe Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel. The group targeted the military mission of…THEHACKERNEWS.COM
🕵️ THREAT INTELLIGENCE 4[−]
10 AprMalicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto AddressesThreat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries and execute malicious code in what's seen as a sneakier attempt to stage a software supply chain attack. The newly discovere…THEHACKERNEWS.COM
10 AprThe ultimate guide to Microsoft Security at RSAC 2025For RSAC 2025, Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI. The post The ultimate guide to Microsoft Security at RSAC 2025 appeared first on Microsoft Secur…TECHCOMMUNITY.MICROSOFT.COM
10 AprMy Take: NTT’s physicists confront the mystery Big Tech keep dodging — what are we really creating?SAN FRANCISCO — If large language AI models are shaping our digital reality, then who—exactly—is shaping those models? And how the heck are they doing it? Related: What exactly is GenAI? Those are the questions Dr. Hidenori Tanaka wants to … (more…) The post My Take: NTT’s …LASTWATCHDOG.COM
10 AprNews alert: NTT unveils AI inference chip enabling real-time 4K processing of ultra-high-def videoTOKYO, Apr. 10, 2025 — Today, NTT Corporation ( NTT ) announced a new, large-scale integration (LSI) for the real-time AI inference processing of ultra-high-definition video up to 4K resolution and 30 frames per second (fps). This low-power technology is … (more…) The post …LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
10 AprProtecting against attacks in ZIP, RAR, CAB, MSI, ISO and other archives | Kaspersky official blogHow attackers disguise malware in archives, and what to do to protect your businessKASPERSKY.COM
📡 INFOSEC NEWS 4[−]
10 AprChina-based SMS Phishing Triad Pivots to BanksChina-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts sa…KREBSONSECURITY.COM
10 AprPlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading PartyOverview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown to 16,000+ with multiple variants. This research is ongoing, a…THEHACKERNEWS.COM
10 AprThe Identities Behind AI Agents: A Deep Dive Into AI & NHIAI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly recognizes that Non-Human Identities play a key role in agentic AI security. Their analysis highlights how these autonomous software entities can make decisions…THEHACKERNEWS.COM
10 AprWatch out for these traps lurking in search resultsHere’s how to avoid being hit by fraudulent websites that scammers can catapult directly to the top of your search resultsWELIVESECURITY.COM