Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping malware

AI models get slammed for producing sloppy bug reports and burdening open source maintainers with hallucinated issues, but they also have the potential to transform

A new China-aligned cybercrime crew named GhostRedirector has compromised at least 65 Windows servers worldwide – spotted in a June internet scan – using previously

Free support is ending for many editions of Windows 10 on October 14, and enterprises unable to make the jump are on the hook for

ESET researchers have identified a new threat actor, whom we have named GhostRedirector, that compromised at least 65 Windows servers mainly in Brazil, Thailand, and

Sainsbury’s, Britain’s second-largest supermarket chain, has caught the attention of privacy campaigners by launching an eight-week trial of live facial recognition (LFR) tech in two

France’s data protection authority levied massive fines against Google and SHEIN for dropping cookies on customers without securing their permission, and also whacked Google for

The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America’s critical infrastructure

US security leaders have urged lawmakers to reauthorize two key pieces of cyber legislation, including one that facilitates threat-intel sharing between the private sector and

Patch Tuesday is next week, but Android is ahead of the game, dropping its biggest patch bundle this year while attackers actively exploit two of

Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check

It’s no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate

A RAID failure has taken the Matrix.org homeserver offline, leaving users of the decentralized messaging service unable to send or receive messages while engineers attempt

Censys Inc, vendor of the popular Censys internet-mapping tool, has revealed that state-based actors are trying to abuse its services by hiding behind academic researchers.

The list of victims keeps growing, as yet another company — Cloudflare — today disclosed that some of its customers’ data was also compromised in the

Governments can’t get enough of hacking services to use against their citizens, despite their protestations that elements of the trade need sanctioning. Only legitimate government

Zscaler is the latest company to disclose some of its customers’ data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.

Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft