CISA warns of actively exploited bugs in Chrome and Excel parsing library
The U.S. Cybersecurity and Infrastructure Security Agency has added two vulnerabilities to the Known Exploited Vulnerabilities catalog, a recently patched…
Skynet Ahoy? What to Expect for Next-Gen AI Security Risks
The innovation that ChatGPT and other LLMs demonstrate is a good thing, but safeguards and other security frameworks must keep…
GenAI Tools Will Permeate All Areas of the Enterprise
Many departments and groups see the benefits of using generative AI tools, which will complicate the security teams' job of…
5 Tips for Strengthening the Developer-Security Team Relationship
Adopt these best practices to move past a reactive approach to software development and build a productive work environment. Collaboration…
Fake VPN Chrome extensions force-installed 1.5 million times
Three malicious Chrome extensions posing as VPN (Virtual Private Networks) infected were downloaded 1.5 million times, acting as browser hijackers,…
Software & Security: How to Move Supply Chain Security Up the Agenda
Getting more insight helps you to prioritize across all your systems, letting you drive more collaboration, real change, and real…
Over 30% of Log4J apps use a vulnerable version of the library
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a…
Atlassian patches critical RCE flaws across multiple products
Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with…
“Sierra:21” vulnerabilities impact critical infrastructure routers
A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized…
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are…