Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models
The finding underscores the growing risk of weaponizing publicly available AI models and the need for better security to combat…
March 2024
MTTR: The Most Important Security Metric
Measuring and tracking your mean time to remediate shows whether vulnerability management is reducing risk and closing opportunities for adversaries.
Ransomware-as-a-Service Spawns Wave of Cyberattacks in Middle East & Africa
Experts advise organizations in the region to refuse to pay ransom demands.
Meet ‘XHelper,’ the All-in-One Android App for Global Money Laundering
User-friendly apps allow anybody to serve as traffickers for cybercrime syndicates.
Echoes of SolarWinds in New ‘Silver SAML’ Attack Technique
A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to…
US Government Expands Role in Software Security
The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe…
‘Voltzite’ Zaps African Utilities as Part of Volt Typhoon’s Onslaught
The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical…
Cyberattackers Lure EU Diplomats With Wine-Tasting Offers
A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.
Converging State Privacy Laws and the Emerging AI Challenge
It's time for companies to look at what they're processing, what types of risk they have, and how they plan…
Apple emergency security updates fix two new iOS zero-days
Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users.…