New tool scans iPhones for ‘Triangulation’ malware infection
Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a…
PyPI’s 2FA Requirements Don’t Go Far Enough, Researchers Say
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software…
Undetected Attacks Against Middle East Targets Conducted Since 2020
Targeted attacks against Saudi Arabia and other Middle East nations have been detected with a tool that's been in the…
2 Lenses for Examining the Safety of Open Source Software
Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people.
GitLab ‘strongly recommends’ patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal…
Google’s .zip, .mov Domains Give Social Engineers a Shiny New Tool
Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for…
Interview With a Crypto Scam Investment Spammer
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What…
KeePass Vulnerability Imperils Master Passwords
A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target's master password —…
KeePass exploit helps retrieve cleartext master password, fix coming soon
The popular KeePass password manager is vulnerable to extracting the master password from the application's memory, allowing attackers who compromise…
Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs
A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick…