software vulnerability

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

Oct 15, 2025Ravie LakshmananVulnerability / Threat Intelligence U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to…

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain…

How Attackers Bypass Synced Passkeys

Oct 15, 2025Ravie LakshmananData Protection / Browser Security TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys…

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its…

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Oct 15, 2025Ravie LakshmananVulnerability / Critical Infrastructure Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the…

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Oct 15, 2025Ravie LakshmananVulnerability / Server Security Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned…

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

Oct 15, 2025Ravie Lakshmanan Enterprise Software / Vulnerability SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in…

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Oct 14, 2025Ravie LakshmananCyber Espionage / Network Security Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than…

How Threat Hunting Builds Readiness

Every October brings a familiar rhythm – pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of…

Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

Oct 14, 2025Ravie LakshmananVulnerability / Hardware Security Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure…

« Previous
1
…
24
25
26
27
28
…
332
Next »