InfoQ

Redis Critical Remote Code Execution Vulnerability Discovered After 13 Years

This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...

Malicious NuGet packages drop disruptive 'time bombs'

Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database ...
Microsoft

Whisper Leak: A novel side-channel attack on remote language models

Understand the risks of encrypted AI traffic exposure and explore practical steps users and cloud providers can take to stay ...

New LandFall spyware exploited Samsung zero-day via WhatsApp messages

A threat actor exploited a zero-day vulnerability in Samsung's Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp.