News
  • "Google Debuts Quality Ratings for Security Bug Disclosures"
    Google and Android announced recently that they will now assess device vulnerability disclosure reports based on the level of information that bug hunters provide in order to encourage more comprehensive submissions.  According to Google,…
  • "Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities"
    Apple recently released security updates for its operating systems to patch dozens of vulnerabilities that could expose iPhones and Macs to hacker attacks, including three zero-days affecting the WebKit browser engine.  Two of the actively exploited…
  • "Satellite Signal Jamming Reaches New Lows: Starlink and Other LEO Constellations Face a New Set of Security Risks"
    Before Russia invaded Ukraine, Russian hackers knocked out Viasat satellite ground receivers across Europe. Elon Musk then offered access to Starlink, SpaceX's network of low Earth orbit (LEO) communications satellites. However, Musk reported shortly…
  • "Experts Warn of Voice Cloning-as-a-Service"
    Security researchers at Recorded Future warn that threat actors are taking a significant interest in voice cloning-as-a-service (VCaaS) offerings on the dark web, designed to streamline deepfake-based fraud. The researchers noted that deepfake audio…
  • "Teen Hacker Charged in Scheme to Siphon Funds From Sports Betting Accounts"
    An 18-year-old has been charged for allegedly hacking and selling access to thousands of online sports betting accounts. Joseph Garrison of Madison, Wisconsin, who is accused of masterminding the credential stuffing scheme, is facing criminal charges.…
  • "Popular Android TV Boxes Sold on Amazon Are Laced With Malware"
    AllWinner and RockChip are China-based companies that power several popular Android TV boxes sold on Amazon. These Android-powered TV set-top boxes are typically inexpensive and highly customizable, incorporating multiple streaming services into a single…
  • "Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware"
    As part of a BATLOADER campaign designed to distribute the RedLine Stealer malware, malicious Google Search ads for generative Artificial Intelligence (AI) services such as OpenAI ChatGPT and Midjourney are being used to direct users to questionable…
  • "Once Again, Malware Discovered in npm"
    Two code packages named "nodejs-encrypt-agent" in the popular npm JavaScript library and registry were recently discovered to contain the open-source information-stealing malware TurkoRat. The malware-containing packages were discovered by ReversingLabs…
  • "Inadequate Tools Leave Appsec Fighting an Uphill Battle for Cloud Security"
    According to Backslash Security, AppSec teams are struggling to keep up with the increasingly rapid and agile development pace, and playing security defense through a continuous and unproductive vulnerability hunt. Fifty-eight percent of respondents…
  • "Hackers Target Vulnerable WordPress Elementor Plugin After PoC Released"
    In massive Internet scans, hackers are actively searching for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in an attempt to exploit a recently disclosed critical account password reset vulnerability. The…
  • "They Shall Not Pass: Keeping an Eye on Middleboxes"
    When users access a website or send an email, they trust that their information will not be altered and read by third parties. However, maintaining the flow of information on global networks requires numerous intermediary processes, which may pose…
  • "Securing APIs Is a Top Priority, Yet Many Don't Have Dedicated Security Solutions"
    According to a new study, the security of Application Programming Interfaces (APIs) remains a top cybersecurity concern in 2023, but many businesses still lack dedicated API security. Traceable AI research conducted at this year's RSA conference reveals…