The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform. – Read More
After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it…
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the…
The latest data page figures, compiled by Moneyfacts, are now available. – Read More
If security tools are challenging to use, people will look for workarounds to get around the restrictions. – Read More
Richard C explains how an understanding of vulnerabilities – and their exploitation – informs how the NCSC assesses the security of computer systems. – Read More
Experten warnten, dass ohne CVE ein Koordinationschaos in der IT-Sicherheit droht. Die CISA scheint sie erhört zu haben. Jerome460 / Shutterstock Am 16. April 2025 hatte die Trump-Regierung kurzfristig ein…
Apple is urging immediate patching of two zero-day vulnerabilities in its CoreAudio and RPAC components, citing their use in what the iPhone maker describes as “extremely sophisticated attacks.” Tracked as…
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late…
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as…
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools,…
Code of Practice highlights that cyber risk should have the same prominence as financial or legal risks, and the responsibility and ownership of cyber resilience is a board level matter.…
Der neue Remote Access Trojaner ResolverRAT nutzt DLL-Side-Loading-Probleme aus. janews – shutterstock.com Forscher von Morphisec haben einen neuen Remote Access Trojaner (RAT) mit dem Namen ResolverRAT entdeckt, der über Phishing-E-Mails…
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions.…
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in…