A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our e...
Aggregating 7432 articles from trusted cybersecurity sources
While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our e...
With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the res...
Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One ef...
With browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic ...
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.
Stop ransomware before encryption begins. Learn how intelligence-driven detection tools can help identify precursor behaviors and reduce false positives for ...
December 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) dominating threat activity across Meta’s React fram...
Threat intelligence practitioners from Global Payments, Adobe, and Superhuman reveal how mature CTI programs transform data overload into strategic business ...
Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts
Update: nominations are now closed, and voting is live!
Go’s arithmetic operations on standard integer types are silent by default, meaning overflows “wrap around” without panicking. This behavior has hidden an en...
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year
The breach, which occurred on February 7 and was disclosed on February 12, affected 6.2 million Odido customers.
The breach, which Miinto reported to the police and data protection authorities, may have compromised customer names, email addresses, physical addresses, an...
The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunicatio...
Authorities launch Operation First Light 2026, attackers deploy Forg365 to hijack Microsoft accounts, and rival cyberspies breach Pakistani police networks.
When done correctly, regulations can help companies restore operations quickly and maintain trust after a breach.
Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA b...
AssuranceAmerica discovered unauthorized access to its systems on March 17, concluding its investigation on June 15.
AssuranceAmerica confirmed a breach exposing nearly 7 million driver’s licenses after hackers compromised an employee account and stole customer data. U.
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs. The post 12 Million Impacted by Data Breach at Jap...
AssuranceAmerica, a U.S.
A threat actor on a prominent cybercrime forum has claimed responsibility for leaking data allegedly belonging to Nike and Alcon, posting the purported datas...
American insurance company AssuranceAmerica has disclosed a data breach impacting nearly 7 million drivers after attackers gained access to its systems earli...