Latest News

Unless you have been gifted with a photographic memory, this is likely going to sound very familiar. Picture it: You’re away from your desk and you need to access one of your apps from your phone. You attempt to sign in and get the dreaded message: “the username and password entered do not match our records.” Thus begins the time-consuming process of requesting a password reset, including coming up with a new password that doesn’t match something you’ve already used in the past. Despite the frustration you feel, passwords have been the cornerstone of keeping our online data secure fo

New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks — but will the Trump administration follow through?

### Impact Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. ### Patches c4f1e01eab0dd435709ad15463ed38a079ad6128 fixes this issue. ### Workarounds Use a local firewall to limit the network segments and hosts the service using gomatrixserverlib can access. ### References N/A

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel.

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.