Claroty's research also found that it's easy to break MQTT authentication by simply knowing the device's serial number ...

Apache Traffic Control 8.0.2 fixes CVE-2024-45387, a critical 9.9 CVSS SQL injection flaw targeting privileged users.

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware ...

PyPI packages "Zebo" and "Cometlogger" downloaded 280+ times, exfiltrate data with obfuscation and anti-detection.

CISA adds CVE-2021-44207 to KEV catalog for active exploitation risk. Agencies must patch by Jan 13, 2025, to mitigate remote ...

The trends shaping 2025 show the importance of adopting forward-thinking strategies to address evolving threats. From ...

Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million from cryptocurrency ...

Hackers are using everyday tools in harmful ways, hiding spyware in trusted apps, and finding new ways to take advantage of ...

Apache releases a security update for CVE-2024-56337, addressing RCE risks in Tomcat servers with critical configuration ...

LLMs can create 10,000 malware variants evading detection with 88% success, degrading ML classifiers and risking AI model ...

WhatsApp wins U.S. court ruling against NSO Group for Pegasus misuse; 43 intrusions revealed, damages trial ahead.

Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine ...