Latest News

API cybersecurity will be a ping pong ball, battered between the rackets of AI-assisted attackers and AI-assisted defenders.

Impacting Anthropic’s official MCP server, the vulnerabilities can be exploited through prompt injections.

Oracle’s January 2026 CPU resolves roughly 230 unique vulnerabilities across more than 30 products.

The most common stolen passwords in 2025 were 123456, admin, and password, according to a Specops study.

Under the new rules, measures for 5G cybersecurity would become mandatory.

The two bugs, an arbitrary file read and an SSRF bug, can be exploited without user interaction to leak credentials, databases, and other data.

Providing cyberespionage and remote code execution capabilities, the malware is executed via DLL sideloading.

A simple payload allowed attackers to create a new event leaking summaries of the victim’s private meetings.

The researcher who discovered the vulnerability saw more than 2,500 internet-exposed devices.

Operating as an access broker, the defendant sold unauthorized access to compromised networks to an undercover agent.

The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks.

Information sharing is necessary for efficient cybersecurity, and is widespread; but never quite perfect in practice.

US officials told The New York Times that cyberattacks were used to turn off the lights in Caracas and disrupt air defense radars.

Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware.

The compromised personal information includes names, dates of birth, Social Security numbers, and employment-related data.