Security
Headlines
HeadlinesLatestCVEs

Tag

#google

AI & LLMs Show Promise in Squashing Software Bugs

Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them too, but here's why defenders may retain the edge.

DARKReading
Open in Source
#sql#vulnerability#google#intel#perl#samsung#auth#zero_day
Kernel Live Patch Security Notice LSN-0107-1

A significant amount of vulnerabilities in the Linux kernel have been resolved that include use-after-free and race conditions.

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as

Unwrapping the emerging Interlock ransomware attack

Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware.

Large eBay malvertising campaign leads to scams

Consumers are being swamped by Google ads claiming to be eBay's customer service.

Google Cloud to Enforce MFA on Accounts in 2025

Google Cloud will take a phased approach to make multifactor authentication mandatory for all users.

Update your Android: Google patches two zero-day vulnerabilities

Google has released patches for two zero-days and a lot of other high level vulnerabilities.

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at