GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.The...
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a...
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software...
Why Pay A Pentester?
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the...
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them...
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more control over their data...
GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said it's working towards implementing...
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution.The...
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to...
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role...
