WordPress has become a huge target for attackers and vulnerability researchers, and with good reason. The software runs a large fraction of the sites on the Internet and serious vulnerabilities in the ...

A memory issue affects myriad iPhone, iPad and MacOS devices and allows attackers to execute arbitrary code after processing malicious web content.

The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in ...

Despite all of the revelations and accusations and recriminations in the security industry in the last year, Microsoft CSO Scott Charney said he is still optimistic about the industry’s ability to ...

In this episode of the Digital Underground podcast, Dennis Fisher talks with David Mortman, CSO-in-residence at Echelon One and longtime security executive, about whether we’ve become too reliant on ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. The bloom is back on phishing attacks with criminals doubling down on fake messages ...

The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked. Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ...

Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites. Users of Apple’s Instagram and Facebook iOS apps are ...

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.

Both vulnerabilities are use-after-free issues in Mozilla’s popular web browser. Mozilla has released an emergency update for its Firefox browser that addresses two critical security vulnerabilities ...

WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links. Hackers are abusing the popular file-sharing service called WeTransfer to circumvent defensive email ...