SAP Patch Day Highlights Critical Risks in Core Business Systems
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
30 results for “cybersecurity”
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
A deep dive into how an xAI coding tool silently moved entire repositories to cloud storage, bypassing standard privacy expectations.
Compromised publishing credentials allowed attackers to inject malicious binaries into widely used Jscrambler NPM versions.
A 60-day review of the CMMC program aims to reduce compliance friction for small firms while maintaining core security standards.
Federal authorities warn that Russian hackers are leveraging compromised SOHO routers to mask intrusions into critical infrastructure.
Federal authorities are hunting two state-linked cyber groups behind a persistent, large-scale campaign targeting Signal and WhatsApp.
Researchers reveal that automated vulnerability scanning tools from Anthropic and OpenAI can be tricked into executing malicious code.
Joint sanctions targeting military intelligence and private threat actors aim to disrupt an expansive Russian ecosystem of digital aggression.
A systemic vulnerability across major AI coding assistants highlights the dangerous failure of human-in-the-loop security protocols.
Researchers have identified five unique prompt injection techniques that exploit how large language models process user inputs.
A leaked GitHub repository containing agency secrets has sparked a congressional investigation into CISA’s internal security posture.
Authorities seized 800 servers in a probe targeting individuals accused of facilitating cyberattacks through sanctioned networks.
Enterprise users instructed to disable Storage Zone Controllers as an investigation into a potential external security breach unfolds.
A critical firmware certificate rollout has been paused for specific Windows 11 devices following reports of update failures.
A sophisticated new C++ information stealer leverages legitimate Apple developer IDs to bypass Gatekeeper and harvest user credentials.
A critical high-risk vulnerability in Chrome’s Intents feature has been patched, marking the fifth exploited zero-day of the year.
Check Point CTO Jonathan Zanger discusses how AI scales defense operations and complicates the enterprise threat landscape.
Critical updates for iOS and macOS patch two actively exploited zero-day vulnerabilities affecting kernel and WebKit components.
Microsoft identifies a sophisticated new malware strain that fuses espionage and permanent data destruction into a single, unified tool.
Threat actors are weaponizing reservation-themed emails with container files to bypass modern Microsoft Office security protections.
A recently disclosed proof-of-concept exploit targeting Windows Defender brings renewed focus to the fragility of enterprise security software.
A wide-ranging breakdown of recent cybersecurity disruptions, from intelligence agency offensives to critical enterprise data leaks.
A third-party security failure exposed customer data, forcing the retail giant to warn users about the heightened risk of phishing attacks.
Federal agencies face a September 9 deadline to patch a high-severity firewall bug being actively exploited in the wild.
The Australian Cyber Security Centre reports that malicious actors are utilizing automated tools to compromise content management systems.
A new automated attack technique can plant persistent, invisible false memories into AI agents through a single, malicious email.
A whistleblower report alleges systemic security failures and regulatory non-compliance, sparking intense scrutiny from federal officials.
Microsoft anticipates a surge in security updates as AI-accelerated vulnerability discovery becomes the new industry standard.
A severe data exfiltration event at a New Jersey diagnostics firm highlights the evolving extortion tactics of the WorldLeaks group.
A newly identified macOS infostealer leverages Apple-notarized installers to bypass system security and harvest sensitive user data.