Latest News

GitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825.

Barracuda Networks is warning customers about CVE-2023-2868, a zero-day exploited to hack some Email Security Gateway (ESG) appliances.

In a campaign called Volt Typhoon, Microsoft says Chinese government hackers were siphoning data from critical infrastructure organizations in Guam, a U.S. territory in the Pacific Ocean.

U.S. President Joe Biden has picked a new NSA and Cyber Command leader to oversee America’s cyber warfare and defense.

Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.

OAuth vulnerabilities found in the widely used Expo application development platform could have been exploited for account takeovers.

The AhRat trojan was injected in a screen recording application that had amassed more than 50,000 downloads via Google Play.

The US government has announced sanctions against four entities and one individual engaging in cyber activities on behalf of the North Korean government.

Honeywell announces the launch of Cyber Insights, a solution designed to help organizations identify vulnerabilities and threats in their OT environments.

White House announced new efforts to guide federally backed research on artificial intelligence (AI).

MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto.

A credential phishing campaign using the legitimate SuperMailer newsletter distribution app has doubled in size each month since January 2023.

The newly detailed GoldenJackal APT has been targeting government and diplomatic entities in the Middle East and South Asia since 2019.

Iranian threat actors use a Windows kernel driver called ‘Wintapix’ in attacks against Middle East targets.

Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications.