The Iranian Agrius APT hacking group is using a new ‘Fantasy’ data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa. The...
Indian cybersecurity firm CloudSEK says a threat actor gained access to its Confluence server using stolen credentials for one of its employees’ Jira accounts. While some...
A new Go-based malware named ‘Zerobot’ has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink...
Apple introduced today Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes, and more....
A darknet platform dubbed ‘Zombinder’ allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality...
This year, provisions that were ultimately left out of the massive annual Defense authorization bill—despite in some cases bipartisan agreement across both Congressional chambers—got the most...
NodeBB, a Node.js platform for creating forum applications, has patched a prototype pollution vulnerability that could allow attackers to impersonate other users and take over administrator accounts. The vulnerability was...
Despite fears of a looming recession, SMBs in the U.S. are spending more on software in 2023, according to Capterra’s 2023 SMB Software Buying Trends Survey....
A computer program known as a “bot” acts as an agent for a user or another program or mimics human action. Bots are typically used to...
ConductorOne open-sourced their identity connectors in a project called Baton, available on GitHub. Each connector gives developers the ability to extract, normalize, and interact with workforce identity...