Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise […]
2 Android Zero-Day Bugs Under Active Exploit
Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware. […]
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit […]
_ArtemisDiana_Alamy.jpg)
How Democratized Development Creates a Security Nightmare
No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems. […]
Palo Alto Networks Begins Unified Security Rollout
Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation platform. ​The original article found […]
_Zoonar_GmbH_Alamy.jpg)
Experts Optimistic About Secure by Design Progress
Secure by Design is an important step to reduce the number of vulnerabilities present originally, but is it progressing fast enough? According to security experts […]
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
The malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and […]
Morphing Meerkat PhaaS Using DNS Reconnaissance To Generate Phishing Pages Based on Target
Morphing Meerkat, a sophisticated Phishing-as-a-Service (PhaaS) platform first identified in 2020, has evolved from a simple tool capable of mimicking five email services to a […]
OpenSSL 3.5.0 Released with Support for Post-Quantum Cryptography
The OpenSSL Project has officially released version 3.5.0 of its widely used cryptographic library, marking a significant milestone with the integration of post-quantum cryptography (PQC) […]
NIST Will Mark All CVEs Published Before 01/01/2018 as ‘Deferred’
The National Institute of Standards and Technology (NIST) announced on April 2, 2025, that all Common Vulnerabilities and Exposures (CVEs) with a published date prior […]