Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 …
Is an open-source AI vulnerability next?
AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in …
OWASP dep-scan: Open-source security and risk audit tool
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project …
Ebury botnet compromises 400,000+ Linux servers
ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of …
Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb
A study by PageFair revealed that ad blocker usage surged by 30% in 2016 alone, reflecting a growing public concern for privacy and uninterrupted browsing. Fast-forward to …
Cloud security incidents make organizations turn to AI-powered prevention
Cloud security incidents are alarmingly on the rise, with 61% of organizations reporting breaches within the last year, marking a significant increase from 24% the year …
How attackers deliver malware to Foxit PDF Reader users
Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have …
Core security measures to strengthen privacy and data protection programs
As privacy laws evolve globally, organizations face increasing complexity in adapting their data protection strategies to stay compliant. In this Help Net Security interview, …
Cybersecurity jobs available right now: May 15, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Associate / Pentester (Red Team) – Cybersecurity …
Ransomware statistics that reveal alarming rate of cyber extortion
In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape. Global ransomware crisis worsens NTT …
Cybersecurity analysis exposes high-risk assets in power and healthcare sectors
Traditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025