U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog
U.S.
20 articles
U.S.
Binarly found six U-Boot flaws, including two that enable code execution during boot image verification, impacting 50+ releases. Binarly’s research team has ...
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of an internal security incident involving exposed AWS GovCloud credentials...
Wireshark release 4.6.
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers...
Matt Burch, a principal security researcher at Atredis Partners, will present his findings on CryptoPro Secure Disk at Black Hat USA 2026.
QiAnXin, a Chinese cybersecurity company, reported that while the group's operations may appear unsophisticated due to the use of SEO poisoning and counterfe...
The APS-ONE-400, part of Keysight's APS-100/400-gigabit Ethernet (GE) hardware line, offers 400 Gb/s Layer 4-7 throughput and 95 Gb/s of elephant flow throug...
The incident involved a staff member transferring a spreadsheet containing patient data from the maternity system to their personal email.
A Bulgarian national, already serving a lengthy prison sentence for laundering millions stolen from American fraud victims, has been charged with stealing $2...
Progress Software has alerted ShareFile customers who utilize Storage Zone Controllers, which allow for on-premises file hosting while using ShareFile's clou...
CISA credentials and code were uploaded to a public repository on a contractor’s personal GitHub account in May.
Post-quantum HTTPS may expose browser, cookie and TLS proxy security gaps.
The incident occurred after a contributor's abusive behavior reportedly led to some members leaving the project.
The supply-chain attack was detected by application security companies Socket, Ox Security, and StepSecurity via version 1.20.
Attackers pose as IT and tell employees to enroll an MS passkey, but the bad guys register their own key and take over the user.
The law known as Chat Control 2.0 passed in the European Parliament, permitting companies like Google, Meta and Microsoft to scan users' messages to hunt for...
A major credential leak spurred the Cybersecurity and Infrastructure Security Agency to strengthen protections for its sensitive materials, improve how resea...
Flexible governance, not restriction, of AI agents preserves productivity while providing oversight and accountability.