The popularity of the TF2 gaming and trading scene attracts scammers with phishing, fake trades, and malicious tools.…

Here's a step-by-step guide on how to turn off and disable Apple Intelligence from your devices. © 2024 TechCrunch. All rights reserved. For personal use only.

Amid ongoing fears over TikTok, Chinese generative AI platform DeepSeek says it’s sending heaps of US user data straight to its home country, potentially setting the stage for greater scrutiny.

A new survey reveals the cybersecurity skills gap continues to grow, and it's likely to get worse before it gets better.

As its low-cost AI model receives accolades, the Chinese company says ongoing attacks on its services are making it harder for new users to sign up. The post DeepSeek AI claims services are facing...

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access...

A Texas county government that serves about 40,000 residents is suffering from a cyberattack that forced officials to declare a disaster over the weekend.

Breaches of major cloud platforms amplify the need to cover all your bases

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of...

DeepSeek, a new China-backed AI platform, faces a cyberattack disrupting new user registrations. Learn about its rapid growth,…

Chinese AI platform DeepSeek has disabled registrations on it DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services. [...]

The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers...

A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads. Learn…

A new phishing tactic has been identified by Cisco Talos, using hidden text salting to evade email security measures

Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to...

​Microsoft has confirmed that the January 2025 Windows security updates are breaking audio playback on some systems with external DACs (digital-to-analog converters). [...]

The hack at Change Healthcare stands as the biggest breach of U.S. medical data in history, exposing 190 million people's data. © 2024 TechCrunch. All rights reserved. For personal use only.

A company’s licensing change to a static analysis tool has forced 10 companies together to create Opengrep. The post Open-source security spat leads companies to join forces for new tool appeared...

Beware of a convincing Royal Mail SMS phishing scam asking for personal details and payment for re-delivery. Learn…

​Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. [...]

All signs point to a legendary year ahead

2025-01-14 • Vertex • Savage Open article on Malpedia

2025-01-22 • Vertex • Savage • win.warmcookie Open article on Malpedia

Learn how to protect against the abuse of AWS Server-Side Encryption with Customer-Provided Keys (SSE-C) in ransomware campaigns.

A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials

Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks

By adopting the 'Zero Noise' approach—prioritizing attacker-focused detections, continuous feedback loops, and a 'no alert left behind' mentality—security teams can cut through cloud alert noise,...

In the past decade, Oracle Database (Oracle DB) has reigned supreme in the competitive arena of database engine popularity ranking as shown in Figure 1 and Figure 2. This pervasiveness has led...

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS)...

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS)...