Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. “Memory corruption when adding ...

The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis ...

The OWASP Top 10 is a regularly updated awareness document that outlines the ten most critical security risks to web applications. Created by the Open Web Application Security Project (OWASP), it serves as a standard for developers, designers, and organizations ...

Discord, one of the world’s leading communication platforms for gaming and online communities, has confirmed a data breach involving a third-party customer service provider that resulted in the exposure of sensitive user information. The breach affected a subset of users ...

A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999. The security bug received a patch this week, but since the OpenSSH client is embedded in a ...

Big changes on the IoT malware scene. Security researchers have spotted a version of the Mirai IoT malware that can run on a vast range of architectures, and even on Android devices. This Mirai malware strain is called Sora, a ...

Users advised to stop using and/or uninstall plugins ASAP to stop Pretty Grievous Pwnage. A professor of Computer Security at the Münster University of Applied Sciences has warned that popular email encryption tool Pretty Good Privacy (PGP) might actually allow ...

The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns. What’s interesting is that the GandCrab payload was found hiding on legitimate but compromised websites. ...

In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cybercriminals launch over 4 million attacks and arrested its administrators. An operation led by the UK’s National Crime Agency ...