CISA has issued an urgent warning about a critical vulnerability in Google Chromium that threat actors are actively exploiting. The vulnerability, designated as CVE-2025-6558, poses…
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow non-administrative users to escalate their privileges…
Clorox, cleaning products giant has filed a lawsuit against IT services provider Cognizant, blaming the company for a massive Clorox data breach that hit its…
UNC3944, a financially driven threat organization associated with “0ktapus,” “Octo Tempest,” and “Scattered Spider,” launched a sophisticated cyber campaign that used social engineering and hypervisor-level…
Multiple high-severity security vulnerabilities have been discovered in Weidmueller Industrial Routers, potentially allowing attackers to execute arbitrary code with root privileges on affected devices. The…
In this Help Net Security interview, Aleksandar Stančin, Board Member Adriatics, Exclusive Networks, discusses the state of cybersecurity in the Adriatic region. He talks about…
Jul 24, 2025Ravie LakshmananCybersecurity / Web Security Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the “mu-plugins” directory in WordPress sites to grant…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe input validation vulnerability in Google Chromium that is currently being…
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature…
Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast Security. These…
The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024.…
Bleach maker Clorox has sued information technology provider Cognizant over a devastating 2023 cyber attack, alleging that the hackers pulled off the intrusion simply by…
