Latest News

DeepSeek, a new China-backed AI platform, faces a cyberattack disrupting new user registrations. Learn about its rapid growth,…

A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads. Learn…

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the startup time, it may not have been sufficiently unpredictable, and an attacker could use this to guess continuation ids and look up continuations they should not have had access to. As a mitigation, you may enable the "session-bound-continuations" option to make sure continuations are not shared across sessions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Beware of a convincing Royal Mail SMS phishing scam asking for personal details and payment for re-delivery. Learn…

Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.

UnitedHealth now estimates that 190 million people were affected by the massive Change Healthcare data breach nearly a year ago.

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper," GMO Flatt Security researcher Ry0taK, who discovered the flaws

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we'll equip you with sharp insights to

uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and `POST` the information to another remote URL. This code was found in the PyPI release artifacts and was not present in the public GitHub repository.

“Yahoo Boy” scammers are impersonating CNN and other news organizations to create videos that pressure victims into making blackmail payments.