Tesla to open U.S. battery plant with equipment from China’s CATL

<p>Tesla Inc. will expand battery production in Nevada, opening a small facility using idle equipment from China’s Contemporary Amperex Technology Co. Ltd., according to people familiar with the matter.</p>

https://www.autonews.com/automakers-supp...hinas-catl

Volvo to stop funding Polestar as Geely readies bailout

<p>Polestar and Volvo owner Geely said it welcomed Volvo's decision to focus its resources on its own development.</p>

https://www.autonews.com/china/volvo-may...rent-geely

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.
The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk.
"These container

https://thehackernews.com/2024/02/runc-f...capes.html

CISA Warns of Active Exploitation of Flaw in Apple iOS and macOS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component.
"An attacker with

https://thehackernews.com/2024/02/cisa-w...on-of.html

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices.
This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE.
"CHAINLINE is a Python web shell backdoor that is

https://thehackernews.com/2024/02/warnin...tacks.html

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021.
The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind the campaign is actively adapting and

https://thehackernews.com/2024/02/headcr...eting.html

U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers

The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign.
The existence of the botnet, dubbed KV-botnet, was first disclosed by the Black Lotus Labs team at

https://thehackernews.com/2024/02/us-fed...ed-kv.html

Why the Right Metrics Matter When it Comes to Vulnerability Management

How’s your vulnerability management program doing? Is it effective? A success? Let’s be honest, without the right metrics or analytics, how can you tell how well you’re doing, progressing, or if you’re getting ROI? If you’re not measuring, how do you know it’s working?
And even if you are measuring, faulty reporting or focusing on the wrong metrics can create blind spots and make it harder to

https://thehackernews.com/2024/02/why-ri...comes.html

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign

Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat.
"The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today. "The attacker escapes this container and runs multiple payloads on the

https://thehackernews.com/2024/02/expose...ck-in.html

The New Ford Explorer: It’s All in the Name

The 2025 Explorer with a redesigned interior, all-new Ford Digital Experience and available BlueCruise hands-free highway driving is ready for adventure.


https://media.ford.com/content/fordmedia...-name.html