Critical Gitea flaw allows authentication bypass via single HTTP header
The vulnerability stems from an insecure default configuration in Gitea's official Docker images (versions prior to 1.26.
20 articles
The vulnerability stems from an insecure default configuration in Gitea's official Docker images (versions prior to 1.26.
Keyfactor's platform, AgileSec, helps organizations manage and secure their encryption keys and other cryptographic assets like digital certificates.
Radware's update provides improved monitoring and mapping of agent interactions and dependencies, allowing security teams to understand how autonomous system...
A threat actor, identified as "888," posted on a cybercrime forum offering the data for sale, alleging it was stolen in July.
Infoblox researchers uncovered the operation after analyzing a malicious 7-Zip installer. They found over 230 related domains linked through various infrastr...
The vulnerability, tracked as CVE-2026-11405, resides in the login function of the router's web server binary.
Researchers at Zhejiang University have developed Bit2Watt, a proof-of-concept attack that abuses rented GPUs by running specialized workloads designed to ra...
Digitalsystem Technology, headquartered in Los Angeles, was added to the FCC's Covered List for its partnerships with Hong Kong operators China Mobile and Ch...
The trojanized installer, identified as Kuailian_win-setup.86.
The plaintiffs, including journalist Thanasis Koukakis, lawyers, and intelligence officials, are each seeking €1 million in moral damages.
Online program aims to build a pipeline of qualified candidates to fill positions that require much-needed AI skills.
Here’s why teams have to treat token management with the same urgency as network telemetry.
Armored Likho utilizes a modular and evolving toolkit that includes obfuscated remote access trojans (RATs), the Python-based BusySnake Stealer, and Go2Tunne...
The lawsuit, initially filed by three women, now includes two additional anonymous plaintiffs, Jane Does 4 and 5.
The vulnerabilities, tracked as CVE-2026-40138 and CVE-2026-40139, affect specific versions of BeyondTrust's RS and PRA software.
Marks & Spencer has become one of the first companies to sign up to the UK government's new Cyber Resilience Pledge, following a year where the retailer ...
The FortiBleed campaign targets internet-facing Fortinet VPNs and firewalls, with over 70,000 devices in 194 countries believed to be affected.