Latest News

The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign.

Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments.

JLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.”

More than 300 servers and 100,000 SIM cards designed to mimic cellphones and overwhelm networks.

Binarly researchers have found a way to bypass a patch for a previously disclosed vulnerability. 

CVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986.

The company will expand its platform’s capabilities and accelerate investigative collaboration and go-to-market efforts.

The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor.

A new ranking of Model Context Protocol weaknesses highlights critical risks—from prompt injection to command injection—and provides a roadmap for securing the foundations of agentic AI.

The botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks.

The juvenile suspect surrendered on September 17 and was booked on computer intrusion, extortion, and identity theft charges.

The company says customer contact information was stolen from a third-party service provider’s platform.

The Canada-based company has emerged from stealth with autonomous AI agents designed to manage and operate the security and IT stack.

L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software mitigations.

Collins Aerospace is reportedly having difficulties recovering from the ransomware attack.