Cyberwarfare
WikiLeaks this week released information on what it claims to be a trove of CIA hacking tools. The documents made public appear to show...
Hi, what are you looking for?
SecurityWeek
Mobile & Wireless
The vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers.
Malware & Threats
The Android malware allows its operators to take control of infected devices and harvest sensitive information.
Mobile & Wireless
A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.
Mobile & Wireless
Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.
Mobile & Wireless
Researchers have disclosed a new attack method that can be leveraged to track mobile devices that rely on Media Access Control (MAC) address randomization...
Management & Strategy
WikiLeaks has decided to share information on the alleged CIA hacking tools with the tech companies whose products are affected, but the White House...
Incident Response
Apple and Google are confident that a majority of the vulnerabilities disclosed by WikiLeaks as part of the “Vault 7” release, which focuses on...
Endpoint Security
Security firms have started assessing the impact of the CIA hacking tools exposed on Tuesday by WikiLeaks as part of the leak dubbed “Vault...
Mobile & Wireless
Google this week released a new set of monthly security patches for Android to address over 100 vulnerabilities in the platform, 35 of which...
Malware & Threats
WikiLeaks revealed on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA)....
Identity & Access
Researchers at Trustwave have identified a backdoor in GSM gateways manufactured by Hong Kong-based voice over IP (VoIP) solutions provider DBL Technology.
Mobile & Wireless
Recent analysis has found 132 Android applications in the official Google Play app store that have been infected with tiny hidden IFrames linking to...
Data Protection
Popular Android password managers are affected by serious vulnerabilities that can expose user credentials, researchers warned on Tuesday.TeamSIK, a group of security experts from...
Data Protection
Researchers at Ben-Gurion University of the Negev in Israel have disclosed yet another method that can be used to exfiltrate data from air-gapped computers,...
Identity & Access
Researcher Ian Ling has discovered a serious remote command execution (RCE) vulnerability in Siklu’s EtherHaul wireless point-to-point radios. Updates that patch the flaw have...
Mobile & Wireless
A recently observed malware downloader targeting Android users is masquerading as an update for Adobe Flash Player, ESET researchers warn.
Cyberwarfare
An Android Remote Access Trojan (RAT) recently revealed to be targeting Israeli servicemen is part of a larger campaign that might not be associated...
Mobile & Wireless
The Android sandbox environment previously known as Android for Work is susceptible to "app-in-the-middle attacks" that put enterprise data at risk, Skycure security researchers...
Mobile & Wireless
Washington - Two US senators have requested details on President Donald Trump's smartphone security, saying he could jeopardize national secrets if he is still...
Fraud & Identity Theft
RSA, which since September is part of Dell Technologies, on Monday unveiled a new approach and product improvements designed to help organizations manage cyber...
Cybercrime
Researchers at Dutch security firm Securify have conducted a detailed analysis of the Android banking Trojan known as Marcher and discovered that a single...
Cloud Security
Cisco announced this week the launch of Umbrella, a cloud-based Secure Internet Gateway (SIG) solution designed to provide visibility and protection for devices on...
Application Security
Dozens of popular iOS applications are affected by vulnerabilities that allow man-in-the-middle (MitM) attackers to silently intercept data from connections that should be protected...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
(Torsten George)
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)