Ryan Naraine

A significant backdoor in contactless cards made by China-based Shanghai Fudan Microelectronics allows instantaneous cloning of RFID cards used to open office doors and...

The vulnerability, tracked as CVE-2024-38193 and marked as ‘actively exploited’ by Microsoft, allows SYSTEM privileges on the latest Windows operating systems.

Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack.

Microsoft's security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited...

Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service...

Law enforcement authorities in the U.S. have arrested a Tennessee man accused of running a “laptop farm” that helped North Korean IT workers secure...

The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.

CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.

Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.

CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a "confluence" of vulnerabilities and testing gaps.

AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of...

Longtime security executive Alex Stamos tapped by SentinelOne to manage its security engineering and operations teams.

OneBlood, a non-profit blood bank serving more than 300 U.S. hospitals, has been hit by a disruptive ransomware attack.

SecurityWeek fireside chat: Google Cloud CISO on CISA’s secure-by-design initiatives, government regulations, holding vendors accountable, and transformational security leadership.

VMware did not mention in-the-wild exploitation for CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw.

Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.

A fresh Mandiant report documents North Korea's APT45 as a distinct hacking team conducting cyberespionage and ransomware operations.

The vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018.

The new financing brings the total raised by Dazz to $110 million as investors double down on bets in the cloud security remediation space.

KnowBe4 chief executive Stu Sjouwerman: “We sent them their Mac workstation, and the moment it was received, it immediately started to load malware."