Protect Yourself From Cyber’s Costliest Threat: Social Engineering
Fraudulent activity is everywhere in the digital age, and it’s only getting smarter and more expensive. In 2023 alone, businesses...
vulnerabilities
It’s a Mad, Mad World for DDoS; BGP Continues to Confound Security Teams
As the world roils in turmoil on numerous fronts, bad actors are seizing the moment by stepping up DDoS activity. “DDoS...
U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 07, 2025 U.S. Cybersecurity and Infrastructure Security...
U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 06, 2025 U.S. Cybersecurity and Infrastructure...
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable...
IRONSCALES Extends Email Security Platform to Combat Deepfakes
IRONSCALES has extended the reach of the machine learning algorithms it uses to identify email anomalies to now include the...
Are You Too Reliant on Third-Party Vendors for Cybersecurity?
Third-party cybersecurity services are invaluable in information technology, offering crucial insights that safeguard data. They also take over some of...
Beyond Traditional Vendor Management: Navigating AI Risks in the Supply Chain
Cybersecurity is undergoing a fundamental transformation as artificial intelligence becomes more prevalent in our systems. There are many ways in...
Cybersecurity Insights with Contrast CISO David Lindner | 05/02/25
Insight No. 1 — Know which vulnerabilities are active in production Consider this: your pre-production scans might flag hundreds of...
AI Security Risks: Jailbreaks, Unsafe Code, and Data Theft Threats in Leading AI Systems
In recent reports, significant security vulnerabilities have been uncovered in some of the world’s leading generative AI systems, such as...
F5 Extends Security Reach to Large Language Models
F5 has extended and added support for web application scanning that is capable of identifying vulnerabilities in large language models...
-Apr-29-2025-01-33-58-6552-PM.jpeg "Revived CryptoJS library is a crypto stealer in disguise")
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called ‘crypto-encrypt-ts‘ may appear to revive the unmaintained but vastly popular CryptoJS library, but what it...
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 30, 2025 U.S. Cybersecurity and...
Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. ...
Desired Effect Marketplace: Researchers Get Their Due, Defenders Get Realtime Info on Zero Days
There’s no way to oversell the importance of data and intelligence sharing to those defenders tasked with understanding threats and...
