Автор: Nate Nelson, Contributing Writer

Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.

New year, same story. Despite Ivanti’s commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.

New year, same story. Despite Ivanti’s commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time.

The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple’s own antivirus product.

The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data — and recognizes a right to personal privacy.

Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.

A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn’t enough to fix it.

Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.

Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of sophistication and amateurishness.

A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.