Google announced this week the first stable version of Chrome 147, which includes patches for 60 vulnerabilities, including ...

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public disclosure.

MITRE has published the Fight Fraud Framework (MITRE F3), a behavior-based model of tactics and techniques employed by fraudsters.

Microsoft discovered that a third-party Android SDK widely used in cryptocurrency wallet applications is affected by a severe vulnerability.

Google’s Device Bound Session Credentials in Chrome protect against session cookie theft by binding authentication to the device.

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...

Palo Alto Networks and SonicWall have released patches for multiple vulnerabilities, including high-severity flaws.

“RSAC estimates that there were at least 200 million Apple Intelligence-capable devices in consumers’ hands as of December ...

AI can’t be fully trusted, yet businesses depend on it. Explore the risks of bias, hallucinations, and adversarial ...

A threat actor tracked as UNC6783 and targeting BPOs for corporate data theft is likely linked to the ‘Mr. Raccoon’ hacker.

Eurail says hackers stole the names and passport numbers of 300,000 people from its network in a December 2025 cyberattack.

The DDoS-capable Masjesu botnet focuses on evasion and persistence, but targets a broad range of IoT devices to spread.