Researchers at CyFox have discovered a Dynamic Link Library (DLL) planting/hijacking vulnerability in the popular media center application Stremio, which attackers could exploit to execute code on a victim's system, steal information, and more. DLLs are…

Canon is warning users of home, office, and large-format inkjet printers that the Wi-Fi connection settings stored in the devices' memories are not wiped during initialization, enabling access to the data for others. This vulnerability could pose a…

A nation-state actor with ties to China is believed to have been behind a series of attacks against industrial organizations in Eastern Europe that occurred last year in an attempt to steal data from air-gapped systems. Researchers attributed the attacks…

The US military has been dealing with two significant cyber threats, one being the Chinese campaign called Volt Typhoon against military bases, and the other being an insider breach impacting Air Force and FBI communications. The Biden administration has…

Marisa Midler and Samantha Chaves, penetration testers with the Carnegie Mellon Software Engineering Institute's (SEI) Computer Emergency Response Team (CERT), have introduced a repository of penetration testing findings that is now publicly accessible…

The many advancements in Artificial Intelligence (AI) show that the technology is critical. In the realm of national security, experts are taking note of the impact of AI on the collective defense strategy. Paulo Shakarian, an associate professor of…

According to new research on the role of the insurance industry in driving the criminal ecosystem, there is no "compelling evidence" that victims of ransomware attacks with cyber insurance are more likely to make extortion payments than those without…

Google has published its annual report regarding zero-day vulnerabilities. In the report, Google's Threat Analysis Group (TAG) notes that patches are often unavailable to Android users for too long. The research group discovered 41 zero-day…

The Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES) to address immediate and long-term cyber workforce needs. Filling the many cyber positions in the US is a national security imperative. The NCWES…

It has recently been discovered that hackers are actively exploiting a "BleedingPipe" remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices.  BleedingPipe…

Researchers have uncovered malicious Android apps that use optical character recognition to steal credentials displayed on smartphone screens. The malware, dubbed CherryBlos by Trend Micro security researchers, has been embedded in at least four Android…

The FBI has further emphasized that Artificial Intelligence (AI) helps nearly every aspect of cybercriminal activity, from development to deployment, and this trend is continuing. On a recent media call, an FBI official suggested that free, customizable…