Latest News

The relationship between the Russian government and cybercriminal groups has evolved from passive tolerance.

SquareX has shown how malicious browser extensions can impersonate AI sidebar interfaces.

As AI coding tools flood enterprises with functional but flawed software, researchers urge embedding security checks directly into the AI workflow.

Patched in September, the SessionReaper bug could be exploited without authentication to bypass a security feature.

The vulnerabilities allow attackers to predict source ports and query IDs BIND will use, and to inject forged records into the cache.

The bug has been exploited in the wild as a zero-day and the US cybersecurity agency CISA has added it to its KEV catalog.

Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise.

The vulnerability impacts multiple Rust tar parsers, allowing attackers to smuggle additional archive entries.

One of the flaws can be exploited by remote unauthenticated attackers for arbitrary command execution.

The company’s IAM platform identifies AI agents, supports assigning permission to them, and tracks all activity.

Star Blizzard started using the NoRobot (BaitSwitch) and MaybeRobot (SimpleFix) malware after public reporting on the LostKeys malware.

If you are recruiting for a Field CISO, Field CTO, etc., or are looking to leverage a resource at your company in one of these roles, what are some things you should be aware of?

Jewett-Cameron Company says hackers stole sensitive information and are threatening to release it unless a ransom is paid.

The Critical Patch Update contains 374 new security patches that resolve many vulnerabilities.

Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products.