Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited.
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions.
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure.
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices.
A new variant of the Android info-stealer called FakeCop has been spotted by Japanese security researchers, who warn that the distribution of the malicious APK is picking up pace.
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites.
New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks.
Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets.
Microsoft is now rolling out the Windows 11 upgrade to more eligible Windows devices as part of a phased rollout designed to deliver a smooth upgrade experience.
If you want to break into this niche, How to Hack from Beginner to Ethical Hacking Certification offers 161 hours of essential training. It's worth $1,649, but you can get it today for just $39.
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years.
The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob—all of which are being recognized as valid by the official government apps.
Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform.
The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack.
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day.
Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom.
Twitter rolled out security keys to its entire workforce and made two-factor authentication (2FA) mandatory for accessing internal systems following last year's hack.
The Security Service of Ukraine (SSU) has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine (NHSU) and entered false vaccination entries for other people.
Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free.
The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States.