Blog - inionline.net

Blog

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft’s Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server. The vulnerability, tracked as CVE-2025-49760 (CVSS score: 3.5), has been described by the tech giant as a Windows…

Read More Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation
Blog

Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks

Cybersecurity researchers have disclosed vulnerabilities in select model webcams from Lenovo that could turn them into BadUSB attack devices. “This allows remote attackers to inject keystrokes covertly and launch attacks independent of the host operating system,” Eclypsium researchers Paul Asadoorian, Mickey Shkatov, and Jesse Michael said in a report shared with The Hacker News. The

Read More Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks
Blog

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Cybersecurity researchers have uncovered multiple security flaws in Dell’s ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating system install by deploying undetectable malicious implants into the firmware. The vulnerabilities have been codenamed

Read More Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models
Blog

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit instructions. Generative artificial intelligence (AI) security platform NeuralTrust said it combined a known technique called Echo Chamber with narrative-driven steering to trick the model into producing undesirable

Read More Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Blog

CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials

Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and HashiCorp that, if successfully exploited, can allow remote attackers to crack open corporate identity systems and extract enterprise secrets and tokens from them. The 14 vulnerabilities, collectively named Vault Fault, affect CyberArk Secrets Manager, Self-Hosted, and

Read More CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Blog

60 RubyGems Packages Steal Data From Annoying Spammers

A Dark Web antihero has been stealing and then reselling credentials from unsavory online characters. Their motives are questionable, but the schadenfreude is irresistible.

Read More 60 RubyGems Packages Steal Data From Annoying Spammers
Blog

BigID Launches Shadow AI Discovery to Uncover Rogue Models and Risky AI Data

Post Content

Read More BigID Launches Shadow AI Discovery to Uncover Rogue Models and Risky AI Data
Blog

PwC Announces Addition of Morgan Adamski to Leadership of Cyber, Data & Technology Risk Platform

Post Content

Read More PwC Announces Addition of Morgan Adamski to Leadership of Cyber, Data & Technology Risk Platform
Blog

Ransomware Attacks Fall by Almost Half in Q2

Post Content

Read More Ransomware Attacks Fall by Almost Half in Q2
Blog

Cybersecurity Incident at Allianz Life Exposes Personal Information of Hundreds of Thousands

Post Content

Read More Cybersecurity Incident at Allianz Life Exposes Personal Information of Hundreds of Thousands