Telegram channels expose rapid weaponization of SmarterMail flaws

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...
The Hacker News

CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...
MP1st

ARC Raiders Update on February 11 Removes Infinite Ammo Glitch

ARC Raiders has received a game update on February 11, removing the infinite ammo glitch alongside other issues.

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...
CSO Online

Russian hackers exploited a critical Office bug within days of disclosure

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

Hugging Face Repositories Abused in New Android Malware Campaign

Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of malware variants.
IEEE

A Novel Server-side Aggregation Strategy for Federated Learning in Non-IID situations

Abstract: Federated learning has been a promising distributed machine learning approach in many fields like e-economic, autodriving and medical imaging for its privacy-aware manner. However, ...
The Hacker News

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin ...