Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be…
Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking…
Microsoft disrupts ONNX phishing-as-a-service infrastructure
Microsoft has seized 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across…
MITRE shares 2024’s top 25 most dangerous software weaknesses
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000…
Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced…
SWEEPS Educational Initiative Offers Application Security Training
The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California…
Apple fixes two zero-days used in attacks on Intel-based Macs
Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. [...]
D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that…
Maintaining File Security While Working Remotely
These days remote workers in home offices using residential WiFi must maintain a similar security posture as a full-on corporation…