Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA’s 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install…
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of…
Decades-Old Security Vulnerabilities Found in Ubuntu’s Needrestart Package
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04)…
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing…
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to…
How AI Is Transforming IAM and Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this…
The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75%…