Cloudflare CDN Bug Outs User Locations on Signal, Discord

Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.

Follow Dark Reading:

January 24, 2025

LATEST SECURITY NEWS & COMMENTARY Cloudflare CDN Bug Outs User Locations on Signal, Discord Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive. Black 'Magic' Targets Enterprise Juniper Routers With Backdoor Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don't run monitoring software like Sysmon, making the attacks harder to detect. CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices. Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests The first team to successfully hack the electric vehicle maker's charger won $50,000 for their ingenuity. War Game Pits China Against Taiwan in All-Out Cyberwar At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China. The Security Risk of Rampant Shadow AI While employees want to take advantage of the increased efficiency of GenAI and LLMs, CISOs and IT teams must be diligent and stay on top of the most up-to-date security regulations. MORE NEWS / MORE COMMENTARY HOT TOPICS Trump Pardons 'Silk Road' Dark Web Drug Market Creator The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering. Email Bombing, 'Vishing' Tactics Abound in Microsoft 365 Attacks Sophos noted more than 15 attacks have been reported during the past three months. Will 2025 See a Rise of NHI Attacks? The flurry of non-human identity attacks at the end of 2024 demonstrates extremely strong momentum heading into the new year. That does not bode well. Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide. MORE PRODUCTS & RELEASES Omdia Finds Phishing Attacks Top Smartphone Security Concern for Consumers CISA Calls For Action to Close the Software Understanding Gap 84% of Healthcare Organizations Spotted a Cyberattack in the Late Year Automox Releases Endpoint Management With FastAgent MORE PRODUCTS & RELEASES EDITORS' CHOICE Trump Overturns Biden Rules on AI Development, Security The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture. LATEST FROM THE EDGE Security Needs to Start Saying 'No' Again The rush to say "yes" allows cybersecurity teams to avoid hard conversations with business stakeholders but also risks losing their ability to effectively protect organizations. LATEST FROM DR TECHNOLOGY Doti AI Launches Platform to Securely Find Enterprise Data The AI-powered work platform helps organizations securely identify and access internal enterprise data as part of business processes and workflows. LATEST FROM DR GLOBAL Russian APT Phishes Kazakh Gov't for Strategic Intel A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states. WEBINARS How CISOs Navigate the Regulatory and Compliance Maze Preventing Attackers From Wandering Through Your Enterprise Infrastructure View More Dark Reading Webinars >> WHITE PAPERS The State of Firewall Security: Challenges, Risks, and Solutions for Modern Networks Social Engineering: New Tricks, New Threats, New Defenses Solution Brief: Introducing the runZero Platform Top 10 CI/CD Security Risks: The Technical Guide Frost Radar: Cloud Security Posture Management, 2024 6 Key Requirements of Multicloud Security The State of Cloud Native Security Report 2024 View More White Papers >> FEATURED REPORTS Industrial Networks in the Age of Digitalization Zero-Trust Adoption Driven by Data Protection, Cloud Access Control, and Regulatory Compliance Requirements Effective Asset Management Is Critical to Enterprise Cybersecurity View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2025 | TechTarget, Inc. | Privacy Statement | Terms & Conditions | Contact Us