Latest News

Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub.

Sourcegraph says customer information was breached after an engineer accidentally leaked an admin access token.

ZDI is offering more than $1 million at the Pwn2Own Automotive hacking contest, hosted in January at the Automotive World conference in Tokyo.

Small electric utilities in the US offered $9 million as part of a competition whose goal is to help them boost their cybersecurity posture.

A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure.

Apple is inviting security researchers to apply for the 2024 iPhone Security Research Device Program (SRDP) to receive hackable iPhones.

Five Eyes report details 'Infamous Chisel' malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices. 

Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence.

A lawsuit filed on behalf of a former student and former employee at the University of Minnesota accuses the university of not doing enough to protect personal information from a recent data breach.

Fashion retailer Forever 21 says that the personal information of more than 500,000 individuals was compromised in a data breach.

Dangling DNS records were abused by researchers to hijack subdomains belonging to major organizations, warning that thousands of entities are impacted.

Earth Estries, a cyberspy group possibly linked to China, has targeted governments and tech firms in the US, Germany, South Africa and Asia. 

Roughly 78% of the healthcare organizations in North America, South America, the APAC region, and Europe experienced a cyberattack over the past year, according to a new report.

Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.

GitHub Enterprise Server 3.10 released with additional security capabilities, including support for custom deployment rules.