LATEST

Fix Critical Vulnerabilities in Go 1.25.6 and 1.24.12 to Reduce the Risk of DoS and Memory Exhaustion

Go 1.25.6 and 1.24.12 are emergency point releases that the Go programming language team released to fix six serious security vulnerabilities This article explores release go1. . These upd

New AWS Console Supply Chain Attack Lets Attackers Hijack AWS GitHub Repositories

Key AWS-owned GitHub repositories, including the popular AWS JavaScript SDK that powers the AWS Console itself, were taken over by unauthenticated attackers due to a crucial misconfigurati

APT Associated with China Used Sitecore Zero-Day to Infiltrate Critical Infrastructure

Since at least last year, critical infrastructure sectors in North America have been the target of a threat actor that is probably affiliated with China This article explores ttps uat 8837

Five Dangerous Chrome Add-ons Workday and NetSuite impersonation for account theft

"The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account takeover through session hijacking," stated Socket securit

NSA Issues Implementation Guidelines for Zero Trust

The first two publications in the National Security Agency's Zero Trust Implementation Guidelines series, which offer helpful advice to assist organizations in implementing Zero Trust secu

Google Project Zero Unveils a Complex Zero-Click Exploit Chain Aimed at the Pixel 9

Project Zero has revealed a complex zero-click exploit chain that targets the Pixel 9 smartphone, proving that extremely sophisticated attacks are still feasible even in the face of contem

Go Programming Language 1.26 Fixes Several Memory-Depleting Vulnerabilities

For versions 1.25.6 and 1.24.12, the Go programming language team has released security updates that fix six serious flaws, including denial-of-service attacks, memory exhaustion, and arbi

Your Digital Footprint Can Lead Right to Your Front Door

At night, you lock your doors This article explores hazardous personal data. . You steer clear of dubious phone calls.

You exercise caution when posting anything on social media. Ho

Winter Olympics Could Share Podium With Cyberattackers

Cybercriminals will also be vying for gold when the Milano Cortina Winter Games start on February 6. Experts caution that everything is possible, from ransomware and distributed denial-of-

Vulnerabilities Surge, But Messy Reporting Blurs Picture

Vulnerability reports set yet another record this year This article explores cve identified vulnerabilities. . According to data analyzed from the National Vulnerability Database (NVD), 48