Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
F5
F5 fixes critical BIG-IP vulnerability, PoC is public (CVE-2023-46747)

F5 Networks has released hotfixes for two vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass …

Google
Google expands bug bounty program to cover AI-related threats

Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. …

AI
Humans are still better than AI at crafting phishing emails, but for how long?

Humans are still better at crafting phishing emails compared to AI, but not by far and likely not for long, according to research conducted by IBM X-Force Red. Creating …

VMware
VMware patches critical vulnerability in vCenter Server (CVE-2023-34048)

VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its …

Microsoft Security Copilot
Microsoft announces wider availability of AI-powered Security Copilot

Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? …

North Korea
North Korean hackers are targeting software developers and impersonating IT workers

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …

Google Play Protect
Google Play Protect takes on malicious apps with code-level scanning

Google is enhancing Google Play Protect’s real-time scanning to include code-level scanning, to keep Android devices safe from malicious and unwanted apps, especially …

Citrix
Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)

A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, …

Jupyter
Jupyter Notebooks targeted by cryptojackers

Cryptojackers are targeting exposed Jupyter Notebooks to install cryptominers and steal credential files for popular cloud services, researchers have uncovered. What are …

Steam
Valve introduces SMS-based confirmation to prevent malicious games on Steam

Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to “validate” new builds with a confirmation …

malware
Compromised Skype accounts deliver DarkGate malware to employees

A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate …

stop
Microsoft Defender can automatically contain compromised user accounts

The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of …

Don't miss

Cybersecurity news