Security
Headlines
HeadlinesLatestCVEs

Latest News

Deepfake Scams Are Distorting Reality Itself

The easy access that scammers have to sophisticated AI tools means everything from emails to video calls can’t be trusted.

Wired
#sap#wifi
The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare

In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale.

The US Grid Attack Looming on the Horizon

A major cyberattack on the US electrical grid has long worried security experts. Such an attack wouldn’t be easy. But if an adversary pulled it off, it’d be lights out in more ways than one.

See How Much Faster a Quantum Computer Will Crack Encryption

A quantum computer will likely one day be able to break the encryption protecting the world's secrets. See how much faster such a machine could decrypt a password compared to a present-day supercomputer.

You're Not Ready

Seems bad out there. Unfortunately, it can always get worse. From evil hacker AI to world-changing cyberattacks, WIRED envisions the future you haven't prepared for.

StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025

Shift in cyberattack focus puts APAC region under growing pressure.

GHSA-7633-x85h-5mqh: kro Confused Deputy vulnerability

kro (Kube Resource Orchestrator) 0.1.0 before 0.2.1 allows users (with permission to create or modify ResourceGraphDefinition resources) to supply arbitrary container images. This can lead to a confused-deputy scenario where kro's controllers deploy and run attacker-controlled images, resulting in unauthenticated remote code execution on cluster nodes.

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. "These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass,

How to Approach Security in the Era of AI Agents

Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.

GHSA-7v6m-28jr-rg84: Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language

Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as of 6.2.0 and 7.0.0 no longer interpolates custom constraint violation messages with Expression Language and strongly recommends not allowing user-supplied input in constraint violation messages. CVE-2020-5245 and CVE-2025-4428 are examples of related, downstream vulnerabilities involving Expression Language intepolation of user-supplied data.