FBI warns computer users to keep an eye out for malware, including ransomware, distributed through working document converters.
FBI warns computer users to keep an eye out for malware, including ransomware, distributed through working document converters.
By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat’s session storage and gain control.
Overwhelmed AppSec teams are turning to agentic AI to handle the tedious manual work of security reporting, threat modeling, and code reviews, but successful implementation requires careful human oversight.
In February 2025, the public safety policy management systems company Lexipol suffered a data breach. Attributed to the self-proclaimed “Puppygirl Hacker Polycule”, the breach exposed an extensive number of documents and user records which were subsequently published publicly. The breach included over 670k unique email addresses in the user records, along with names, phone numbers, system-generated usernames and passwords stored as either MD5 or SHA-256 hashes.
Google’s agreement to buy cloud security startup Wiz will face antitrust scrutiny amid Alphabet’s ongoing legal battles.
Dashlane’s zero-knowledge encryption and intuitive user interface make it a compelling password manager. Read our full Dashlane review to learn more.
Cisco is bringing Secure Workload, Secure Access, and AI Defense into Security Cloud control, enhancing its capabilities and providing comprehensive management.
This breakthrough will finally allow secure, encrypted messaging between different mobile platforms.
Medusa ransomware now operates as a RaaS model, recruiting affiliates from criminal forums to launch attacks, encrypt data, and extort victims worldwide.
Amazon is mandating cloud-based processing for Echo voice commands, removing local storage and disabling Alexa’s voice ID to expand its generative AI capabilities.