-
A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has initiated a gradual rollout of a highly requested feature that allows users to change their primary Google Account email address from one @gmail.com address to another. The functionality, which has been available in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has confirmed an ongoing cyberattack campaign targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances, in which threat actors are executing arbitrary commands with root-level privileges on affected systems…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The National Security Agency has published the first two products in its Zero Trust Implementation Guidelines series, offering organizations practical recommendations for adopting Zero Trust security models. These foundational res…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
UAT-8837, a China-nexus advanced persistent threat (APT) actor, is conducting sustained campaigns against critical infrastructure sectors across North America. The group, assessed with medium confidence based on tactical overlaps with known Chinese thr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and unauthorised session resumption. These minor point releases…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly reported supply chain attack targeting the Amazon Web Services (AWS) management console has raised alarms across the developer community. Cybersecurity researchers have discovered that threat actors are exploiting misconfigured AWS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder and kernel driver to achieve code execution and privilege escalatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to comprom…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers uncover a 5-year malware campaign using browser extensions on Chrome, Firefox and Edge, relying on hidden payloads and shared infrastructure.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
