Latest News
The easy access that scammers have to sophisticated AI tools means everything from emails to video calls can’t be trusted.
In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale.
A major cyberattack on the US electrical grid has long worried security experts. Such an attack wouldn’t be easy. But if an adversary pulled it off, it’d be lights out in more ways than one.
A quantum computer will likely one day be able to break the encryption protecting the world's secrets. See how much faster such a machine could decrypt a password compared to a present-day supercomputer.
Seems bad out there. Unfortunately, it can always get worse. From evil hacker AI to world-changing cyberattacks, WIRED envisions the future you haven't prepared for.
Shift in cyberattack focus puts APAC region under growing pressure.
kro (Kube Resource Orchestrator) 0.1.0 before 0.2.1 allows users (with permission to create or modify ResourceGraphDefinition resources) to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in unauthenticated remote code execution on cluster nodes.
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. "These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass,
Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as of 6.2.0 and 7.0.0 no longer interpolates custom constraint violation messages with Expression Language and strongly recommends not allowing user-supplied input in constraint violation messages. CVE-2020-5245 and CVE-2025-4428 are examples of related, downstream vulnerabilities involving Expression Language intepolation of user-supplied data.