DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft
2 min read
Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could...
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts
5 min read
Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence...
Do you know how many AI agents are running inside your business right now?
If the answer is...
Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your...
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in...
A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing...
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to...
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a...
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild,...
U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback
2 min read
The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include...
After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth:...
PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks
2 min read
The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks...
The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy...
Cybersecurity researchers have lifted the lid on the threat actors' exploitation of a now-patched security flaw in...
Power doesn’t just disappear in one big breach. It slips away in the small stuff—a patch that’s...
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks
3 min read
Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious...
Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance...
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious...
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware
3 min read
The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows...
A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using...
