CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’
Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that...
news
Microsoft’s ‘Gross Cybersecurity Negligence Threatens National Security’
Roasting Redmond for Kerberoasting: “Like an arsonist selling firefighting services,” quips this 76-year-old. The post Microsoft’s ‘Gross Cybersecurity Negligence Threatens...
Permiso Uncovers Unicode Technique to Compromise Microsoft Exchange Rules
Permiso researchers uncovered a Unicode obfuscation technique, “Inboxfuscation,” that exploits Microsoft Exchange inbox rules to evade detection and exfiltrate email...
Wyden Asks FTC to Investigate Microsoft’s ‘Gross Cybersecurity Negligence’
For the second time in two years, Senator Ron Wyden is asking federal regulators to investigate Microsoft's cybersecurity practices, saying...
Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week
Image: SizeSquare's/Adobe Stock In a massive attack on the JavaScript ecosystem, unidentified hackers have compromised a series of npm (Node...
Former WhatsApp Security Chief Sues Meta, Citing Major Privacy Risks
Image: Dimitri Karastelev/Unsplash A former WhatsApp executive has filed a lawsuit against Meta, alleging the company ignored serious security flaws...
UNC6395 Hackers Accessed Systems via a GitHub Account, Salesloft Says
Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data...
Lasso Platform Employs AI Agents to Secure AI Applications
Lasso has launched an agentic AI service for purple teaming that secures AI applications before and after deployment. By combining...
Burger King’s ‘Very Bad’ Bugs Leaked Your Data, Claim Gagged Hackers
Streisand Effect in full effect: Restaurant Brands International (RBI) “assistant” platform riddled with terrible security flaws. The post Burger King’s...
GPUGate Malware Shows Hardware-Specific Evasion Tactics: Arctic Wolf
Bad actors are using GitHub's repository structure and paid Google Ads placements to trick EU IT users into downloading a...
Report: Massive Number of Internet Exposed Assets Still Lack WAF Protection
Over half of internet-exposed cloud and non-cloud assets in Global 2000 companies lack web application firewall (WAF) protection, leaving sensitive...
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative containing spyware and sent...
Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware
Image: Envato Elements Threat actors have found a way to weaponize trust itself. By bending X’s AI assistant to their...
Is a Recent Windows Update Responsible for SSD Failures? Microsoft Has an Answer
Image: WhataWin/Adobe Stock Some Windows 11 users are blaming a recent patch for causing data corruption and hardware failure within...
‘Unprecedented Growth’ by Anthropic: This AI Startup is Now Valued at $183B
Anthropic’s Dario Amodei and Daniela Amodei. Image: Anthropic The AI craze has propelled Anthropic to a $183 billion post-money valuation...
