Vulnerabilities | News, how-tos, features, reviews, and videos
Government-backed threat actors are using zero-day exploits to infect security researchers and exfiltrate critical vulnerability information.
In cybersecurity’s never-ending cat-and-mouse game with hackers and grifters, the threats are always evolving. Here are some of the main attacks experts see as the biggest and baddest on the horizon.
While medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.
Microsoft has decided to pull back support for Transport Layer Security versions 1.0 and 1.1 in upcoming Windows rollouts.
Attackers are taking advantage of the increased use of QR codes to steal sensitive information or conduct phishing campaigns. Here's what security teams and employees need to know.
The fast response to mitigation attempts shows a high level of sophistication to extend what is likely a cyberespionage campaign.
Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found.
The automated solution features DAST, SAST, and SCA scanning capacities.
New research also shows old CVEs are still exploited en masse with HTTP anomalies the most common API attack vector.
Each of the two vulnerabilities in the Windows archive tool could allow attackers to execute malicious code.