High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to…
Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme
Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for…
Flexible Structure of Zip Archives Exploited to Hide Malware Undetected
Attackers abuse concatenation, a method that involves appending multiple zip archives into a single file, to deliver a variant of…
Microsoft Power Pages Leak Millions of Private Records
Less-experienced users of Microsoft’s website building platform may not understand all the implications of the access controls in its low-…
2 Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit
The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical…
A Hacker’s Guide to Password Cracking
Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try…
Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
Google’s cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of…
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain,…