AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign.…
Security
APIs Are the Retail Engine: How to Secure Them This Black Friday
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due…
WrtHug Abuse of ASUS WRT Vulnerabilities Exposes Thousands of EoL Routers
Operation WrtHug refers to a widespread compromise of end-of-life (EoL) ASUS routers, where attackers exploit previously disclosed vulnerabilities to gain…
7-Zip Users at Risk: Symbolic Link Vulnerability Triggers RCE Attacks
A security vulnerability in the widely used 7-Zip file archiver has recently come under active exploitation. The flaw, identified as…
CVE-2025-13223: The Chrome Vulnerability You Can’t Afford to Ignore
Heads up, Chrome users! An actively exploited zero-day vulnerability, CVE-2025-13223, has been identified in Google Chrome’s V8 JavaScript and WebAssembly…
Scam USPS and E-Z Pass Texts and Websites
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused…
Bugs Caught in the FortiWeb: Active Attacks Target FortiWeb Zero-Days
Fortinet has recently addressed two actively exploited zero-days in its FortiWeb web application firewall (WAF). These flaws, a command injection…
Legal Restrictions on Vulnerability Disclosure
Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure…
Zero-Day Vulnerability: How Dangerous Are They?
Zero-day vulnerabilities sit at the center of many high-profile cyberattacks. Security teams race to defend their environments, while attackers exploit…
DoorDash data breach exposes personal info after social engineering attack
DoorDash says a social engineering attack led to a data breach exposing names, addresses, emails, and phone numbers of users,…