Security News

Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely...

Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain...

ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets...

GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and...

Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges...

The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. [...]

In this Help Net Security interview, Rachel Barouch, an Organizational Coach for VCs and startups and a former VP HR in both a VC and a Cybersecurity startup, discusses the dynamics of...

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain...

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code...

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass...