A newly documented cache deception attack leverages mismatches in path normalization and delimiter handling between caching layers and origin servers to expose sensitive endpoints and […]
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer […]
5 ways to improve cybersecurity function while spending less
As a veteran CISO for state and local agencies, Orange County CISO Andrew Alipanah knows how to optimize security functions within impossibly tight budgets. In […]
Only 49% of companies to increase cyber budget after a breach
The long-held conventional wisdom that organizations commit to increased cybersecurity investments only after a breach has taken a hit. IBM’s latest annual Cost of […]
African Law Enforcement Agencies Nab Cybercrime Syndicates
African nations work with Interpol and private-sector partners to disrupt cybercriminal operations on the continent, but more work needs to be done.
Hackers Abuse Compromised OAuth Tokens to Access and Steal Salesforce Corporate Data
Google Threat Intelligence Group (GTIG) has issued an advisory concerning a broad data theft operation targeting corporate Salesforce instances via the Drift integration. Beginning as […]
Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution
Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics library that could allow attackers […]
Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE
Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. The vulnerabilities, tracked […]
LLMs easily exploited using run-on sentences, bad grammar, image scaling
A series of vulnerabilities recently revealed by several research labs indicate that, despite rigorous training, high benchmark scoring, and claims that artificial general intelligence (AGI) […]
Kubernetes Security: How to (better) secure your clusters
Kubernetes has become a resounding success among enterprise software developers. This is increasingly leading criminal hackers to such installations with specially developed […]