Zeljka Zorz
Have you updated SaltStack Salt? Attacks are underway!
Have you updated your SaltStack Salt “masters” and made them inaccessible over the internet – or at least restricted access to them? Even though F-Secure …
GitHub Code Scanning aims to prevent vulnerabilities in open source software
GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …
How a favicon delivered a web credit card skimmer to victims
Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that “turn” malicious when victims visit …
Firefox 76 delivers new password security features and security fixes
Mozilla has released Firefox 76, which comes with critical security fixes and new features related to Firefox Lockwise, the browser’s password manager/generator …
Adult live streaming site CAM4 found leaking data of millions of users
A misconfigured database containing 7 terabytes of sensitive user and company information related to adult live streaming site CAM4 has been found leaking data. The database …
Nearly a million WordPress sites targeted in extensive attacks
A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …
Microsoft announces limited Azure Sphere bug bounty program
Microsoft has announced a new security research / bug bounty program aimed at testing and improving the security of Azure Sphere, its comprehensive IoT security solution. The …
Can you trust attachments with unfamiliar extensions?
Microsoft’s security experts have warned on Monday about several email malware delivery campaigns exploiting the COVID-19 pandemic targeting companies in the US and …
Phishers target investment brokers, aim for Office, SharePoint login credentials
Phishers are trying to trick investment brokers into sharing their Microsoft Office or SharePoint login credentials by impersonating FINRA, a non-governmental organization …
Fake Microsoft Teams notification emails are hitting inboxes
Phishers are using fake Microsoft Teams notification emails to trick users into sharing their Microsoft Teams and Office 365 login credentials. “Should the recipient …
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Help your helpdesk: Empower employees to self-reset their AD account password
The COVID-19 pandemic has triggered a momentous shift for many organizations: remote work has become the new normal. Businesses that were skeptical before are now being forced …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous