Unpaid open source maintainers struggle with increased security demands
Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …
You can now use passkeys to log in to your Google account
Users can now create passkeys for their Google account, the company has announced on Wednesday. Passkeys will enable users to sign in to their Google account on all major …
Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)
Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for …
Google Chrome will lose the “lock” icon for HTTPS-secured sites
In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol. The misunderstood Lock …
T-Mobile suffers second data breach this year
T-Mobile has revealed a second data breach that occurred in 2023, which reportedly exposed customer data and account PINs, leaving many T-Mobile users vulnerable to potential …
Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …
Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope. On average, five out …
Security in the cloud with more automation
Hopefully, you’ve been working with the Center for Internet Security (CIS) on securing your cloud infrastructure for a while now. Initially, you might have used our CIS …
Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)
A recently patched vulnerability (CVE-2023-21932) in Oracle Opera, a property management system widely used in large hotel and resort chains, is more critical than Oracle says …
Infostealer with hVNC capability pushed via Google Ads
There has been a noted increase in malvertising via Google Ads this year, aimed at tricking users into downloading malware; among these malicious payloads is LOBSHOT, an …
Apple starts delivering smaller security updates
The security updating of iPhones, iPads and Macs has entered a new stage: Apple has, for the first time, released a Rapid Security Response to owners of the devices running …
Fake ChatGPT desktop client steals Chrome login data
Researchers are warning about an infostealer mimicking a ChatGPT Windows desktop client that’s capable of copying saved credentials from the Google Chrome login data …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)