The federal government is looking to partner with state and local governments to grow its Login.gov service, which it says is secure and user friendly. The...
The maintainers of PHP have released a post-mortem report after an unknown actor pushed backdoored code onto the scripting language’s official PHP Git repository. As previously reported by The...
SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned. SAP...
During the first day of Pwn2Own 2021, contestants won $440,000 after successfully exploiting previously unknown vulnerabilities to hack Microsoft’s Windows 10 OS, the Exchange mail server,...
A security researcher earned a $6,000 bug bounty after uncovering a set of web security flaws that allowed attackers to play supposedly private YouTube videos. David Schütz (@xdavidhu)...
UPDATED A macOS vulnerability enabled attackers to execute malicious HTML within TXT files that, if opened by victims, could leak their IP address and, worse still, give...
The Pentagon’s Cyber Crime Center and bug bounty vendor HackerOne have launched the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP), an effort to share vulnerability data and boost...
A malicious document builder named EtterSilent is gaining more attention on underground forums, security researchers note. As its popularity increased, the developer kept improving it to...
INTRODUCTION The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them...
Browser lockers (aka browlocks) are a class of online threats that prevent the victim from using the browser and demand a ransom. A locker is a...