Actively exploited vulnerability threatens hundreds of solar power stations

Getty Images Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities. The devices, sold by Osaka, ...

336,000 servers remain unpatched against critical Fortigate vulnerability

Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company released three weeks ago. CVE-2023-27997 is a remote code execution ...

TSMC says some of its data was swept up in a hack on a hardware supplier

Chipmaker TSMC said on Friday that one of its hardware suppliers experienced a “security incident” that allowed the attackers to obtain configurations and settings for some of the servers the company uses in its corporate network. The disclosure came a ...

Prominent cryptocurrency exchange infected with previously unseen Mac malware

Getty Images Researchers have discovered previously unknown Mac malware infecting a cryptocurrency exchange. It contains a full suite of capabilities, including the ability to steal private data and download and execute new malicious files. Dubbed JokerSpy, the malware is written ...

Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away

Enlarge / Left: a smart card reader processing the encryption key of an inserted smart card. Right: a surveillance camera video records the reader’s power LED from 60 feet away. Nassi et al. Researchers have devised a novel attack that ...