Thousands of GitHub repositories deliver fake PoC exploits with malware
Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits…
Google’s GUAC Aims to Democratize Software Supply Chain Security Metadata
Software makers and customers will be able to query graph database for information about the security and provenance of components…
Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text
There's nothing yet to suggest CVE-2022-42889 is the next Log4j. But proof-of-concept code is available, and interest appears to be…
Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows
The authentication bypass flaw in FortiOS, FortiProxy and FortiSwitchManager is easy to find and exploit, security experts say.
Apple’s Constant Battles Against Zero-Day Exploits
Such exploits sell for up to $10 million, making them the single most valuable commodity in the cybercrime underworld.
Russian DDoS attack project pays contributors for more firepower
A pro-Russian group created a crowdsourced project called 'DDOSIA' that pays volunteers launching distributed denial-of-service (DDOS) attacks against western entities. [...]
Toyota discloses data leak after access key exposed on GitHub
Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available…
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has…
Solana Phantom security update NFTs push password-stealing malware
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the…
LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software
The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and…