The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Aggregating 7432 articles from trusted cybersecurity sources
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an i...
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
Posted by Nathan Parker, Chrome security team Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challen...
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025,...
Identity is effectively the new network boundary. It must be protected at all costs.
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advan...
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into tr...
Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.
Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.
The breach, which occurred on February 7 and was disclosed on February 12, affected 6.2 million Odido customers.
The breach, which Miinto reported to the police and data protection authorities, may have compromised customer names, email addresses, physical addresses, an...
The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunicatio...
Authorities launch Operation First Light 2026, attackers deploy Forg365 to hijack Microsoft accounts, and rival cyberspies breach Pakistani police networks.
When done correctly, regulations can help companies restore operations quickly and maintain trust after a breach.
Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA b...
AssuranceAmerica discovered unauthorized access to its systems on March 17, concluding its investigation on June 15.
AssuranceAmerica confirmed a breach exposing nearly 7 million driver’s licenses after hackers compromised an employee account and stole customer data. U.
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs. The post 12 Million Impacted by Data Breach at Jap...
AssuranceAmerica, a U.S.
A threat actor on a prominent cybercrime forum has claimed responsibility for leaking data allegedly belonging to Nike and Alcon, posting the purported datas...
American insurance company AssuranceAmerica has disclosed a data breach impacting nearly 7 million drivers after attackers gained access to its systems earli...