Security News > 2024 > October

Plus, a POC to make it extra easy for attackers A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to...

The WhatsApp messenger platform has introduced Identity Proof Linked Storage (IPLS), a new privacy-preserving encrypted storage system designed for contact management. [...]

An advocacy groups is filing a Fourth Amendment challenge against automatic license plate readers. “The City of Norfolk, Virginia, has installed a network of cameras that make it functionally...

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [...]

New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be...

It only takes five days on average for attackers to exploit a vulnerability, according to a new report.

Google has announced it will soon allow organizations to create their own curated "Enterprise Web Store" of company-sanctioned browser extensions for Chrome and ChromeOS, aimed at improving...

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations,...

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. [...]

Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is...