Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...

Cyber teams must stop looking at environments as a list of compliance requirements. Stop checking boxes and start measuring ...

Gartner has urged security teams to get involved in AI projects from the start to avoid costly incident response ...

A newly identified local privilege escalation (LPE) vulnerability has been discovered affecting default installations of Ubuntu Desktop 24.04 and later, allowing attackers to gain full root access.

Overall, vulnerability exploitation accounted for 25% of initial access in incident response incidents last year, with exposed services on 7%. However, the most common vector was “valid account / no ...

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by ...

Identity drift occurs in this gap, when a user’s credentials aren’t fully aligned across every system that can authenticate ...

A method for exfiltrating sensitive data from AI-powered code execution environments using domain name system (DNS) queries has been demonstrated by security researchers, highlighting potential risks ...

A set of newly identified vulnerabilities in the Linux security module AppArmor could allow attackers to gain root access, ...

The average number of API attacks per organization in 2025 was 258, up 113% from 121 in 2024, it found. Some 61% of API attacks last year involved unauthorized workflows and abnormal activity, up from ...

The FBI is asking gamers who unwittingly downloaded malware from the popular Steam platform to help with its investigation.

A new Android attack technique that manipulates the runtime environment instead of modifying applications has been identified. The method, discovered by CloudSEK researchers, uses the LSPosed ...