Latest News

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs the victim’s phone number.

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of models.

Firefox 111 patches 13 CVEs, including several vulnerabilities classified as high severity.

Polish counter-intelligence has dismantled a Russian spy ring that gathered information on military equipment deliveries to Ukraine.

CISA this week announced it is seeking public input on draft guidance for securing cloud business applications.

Microsoft says Russia targeted at least 17 European nations in 2023 — mostly governments — and 74 countries since the start of the Ukraine war.

SecurityWeek’s Cyber Madness Bracket Challenge is a contest designed to bring the community together in a fun, competitive way through one of America’s top sporting events.

Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.

Russia-backed threat group Winter Vivern has targeted government entities in Poland, Ukraine, Italy, and India in recent campaigns

Cyberspies and cybercriminals exploited a Telerik vulnerability tracked as CVE-2019-18935 on a government agency’s IIS server.

Social media platform Facebook unlawfully processed Dutch users' personal details without consent for advertising purposes for almost a decade.

Rapid7 spends $38 million to acquire Israeli anti-ransomware startup Minerva Labs to beef up its managed detection and response portfolio.

Microsoft blames a “Russian-based threat actor” for in-the-wild attacks hitting its flagship Microsoft Outlook and has released a detection script to help defenders.

NSA publishes recommendations on maturing identity, credential, and access management capabilities to improve cyberthreat protections.

Sagar Singh and Nicholas Ceraolo have been charged for their alleged roles in a doxing operation that involved hacking a law enforcement platform and email account.