OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
Oct 01, 2025Ravie LakshmananVulnerability / API Security A high-severity security flaw has been disclosed in the One Identity OneLogin Identity...
Read more →News Archive
View All →
OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks
The OpenSSL Project has announced the availability of several new versions of the open source SSL/TLS toolkit, which include patches...
Read more →
Media Creation Tool broken on Windows 11 Arm64 PCs
After rolling out Windows 11 25H2, also known as Windows 11 2025 Update, Microsoft has confirmed that the Media Creation...
Read more →
CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks
Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports of...
Read more →
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.
North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has...
Read more →
Gemini AI flaws could have exposed your data
Security researchers discovered three vulnerabilities in Google’s Gemini artificial intelligence (AI) assistant. Although now patched, this “Trifecta”, as the researchers...
Read more →
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
Oct 01, 2025Ravie LakshmananAI Security / Cloud Security A severe security flaw has been disclosed in the Red Hat OpenShift...
Read more →
Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure
This October marks the 22nd anniversary of Cybersecurity Awareness Month, an initiative launched under the guidance of the U.S. Department...
Read more →
MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload
In recent weeks, a novel malware campaign dubbed MatrixPDF has surfaced, targeting Gmail users with carefully crafted emails that slip...
Read more →
Securing the Software-Defined Vehicle: How Rust and Formal Verification are Revolutionizing Automotive Cybersecurity
Modern vehicles rely heavily on software, increasing their vulnerability to cybersecurity threats.Memory safety is now top of mind and the...
Read more →
Detour Dog’s DNS Hijacking Infects 30,000 Websites with Strela Stealer
New research from Infoblox Threat Intel has revealed that an established, persistent group of cybercriminals, Detour Dog, has been silently...
Read more →
How Leading Security Teams Blend AI + Human Workflows (Free Webinar)
Oct 01, 2025The Hacker NewsAutomation / IT Operations AI is changing automation—but not always for the better. That’s why we’re...
Read more →