The Global Legal Entity Identifier Foundation (GLEIF) has announced a new collaboration with Certification Authorities (CAs) and Trust Service Providers (TSPs), to drive the use of...
Google issues a new warning about Spectre attacks using JavaScript to leak data from one site to another. Google has released a proof of concept (PoC)...
The Telecommunications Industry Association published a new white paper on SCS 9001, the first process-based supply chain security standard for the information communications technology (ICT) industry. With sophisticated supply...
Critical vulnerabilities in LocalStack, a popular framework for building cloud applications, can be chained to remotely take over locally-run LocalStack instances, security researchers claim. Researchers from...
Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps....
A new online service allows security researchers to search for exposed shortened URLs, known for their risks to security and privacy. Shortened URLs are comparatively easy to brute-force,...
Attackers often keep upgrading their tools to scan for and infect new devices by exploiting unpatched vulnerabilities. Recently, the z0Miner cryptomining malware was spotted probing cloud...
A dropper has been discovered spreading via Google Play Store to deliver financial trojans. Dubbed Clast82, the dropper was found spreading AlienBot Banker and MRAT trojans...
Multiple Microsoft-themed phishing campaigns have been discovered that are using phony Google reCAPTCHA. In these, the attackers are looking for credentials of senior employees of various...
UPDATED A newly launched regex-scanning tool has been used by its architects to unearth multiple regular expression denial-of-service (ReDoS) vulnerabilities in popular NPM, Python, and Ruby dependencies....