A security flaw in Koo's platform was uncovered, allowing attackers to run malicious JavaScript code against its users, according to The Hacker News. To keep the exploit from spreading, the platform patched the vulnerability. When security researcher Rahul Kankrale discovered the problem, Koo immediately responded by rolling out a remedy the next day. The Koo platform contained a stored cross-site scripting vulnerability (also known as persistent XSS) that allows malicious scripts to be injected directly into the vulnerable web application. To initiate the attack, XSS-encoded payloads were employed, and anyone who encountered the message was in danger. Cross-site scripting allows an attacker to perform activities on behalf of users who have the same privileges as the attacker while stealing web browser secrets such as authentication cookies from the victim's computer.
Cisco revealed that a remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ASDM) Launcher disclosed last month is a zero-day bug that has yet to receive a security update.
As technology has advanced and converged to support sharing in more recent times, there has been a stronger desire to leverage these new technical capabilities for greater sharing at higher volumes and faster speeds.
Group-IB has shared a technical analysis of Prometheus TDS, an underground service that has been used for the distribution of various malware families, such as Buer Loader, Campo Loader, Hancitor, IcedID, QBot, and SocGholish.
The most severe vulnerability, tracked as CVE-2021-22937, is a high-severity remote code execution vulnerability that resides in the admin web interface of Pulse Connect Secure.
In a draft update to its flagship cyber resiliency publication, experts from the National Institute of Standards and Technology offer a next-gen strategy for protecting critical information technology systems from the inside out.
A new variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said.
A Taiwanese motherboard maker has been hit by the RansomEXX ransomware gang, which threatens to publish 112GB of stolen data unless a ransom is paid. The incident also affected multiple websites of the company, including its support site.
A staggering 86% of global organizations believe they will suffer serious cyber attacks in the next year and 80% reported they are likely to experience a data breach, according to a new report by Trend Micro and the Ponemon Institute.
The commonly used "net" library in the Go and Rust languages is also impacted by the mixed-format IP address validation vulnerability. The bug has to do with how net treats IP addresses as decimal, even when they are provided in a mixed format.
The National Cyber Security Centre (NCSC), part of the U.K. Government's Communications Headquarters, highlighted its “three random words” recommendation in a new blog post.
The Illinois State Police have said that they have added additional online security requirements to the FOID online application system after hackers attempted to breach the site.
The University of Kentucky said it discovered a security breach of one of its test-taking platforms during a scheduled security penetration test carried out by a third party in early June.
Founded in 2020, Dustico provides a dynamic source-code analysis platform that employs machine learning to detect malicious attacks and backdoors in software supply chains.