Security Bulletin

When Americans look to the skies on July 4th, we expect celebration—fireworks, light shows, and the kind of awe that reflects our national spirit. But in today’s world, those skies carry new meanings.

"Wireless Account Lock" allows customers to prevent the registration of new devices.

An SQL injection exploit exposed the users and owner of CatWatchful stalkerware.

Attackers aren’t breaching firewalls — they’re slipping instructions into prompts. Here’s why OWASP named prompt injection the top GenAI risk, and what it means for security teams.

A successful exploit could let an attacker log-in as the root user.

You can’t patch prompt injection, but you can outsmart it. OWASP’s latest guidance lays out a layered defense strategy for building safer, more resilient GenAI applications.

Deloitte's new blueprint looks to bridge the gap between the massive push for AI adoption and a lack of preparedness among leaders and employees.

As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web.

The Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware.

Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.

Such investigation has been confirmed by DigitalMint, which promptly moved to terminate the employee following the accusations but has not provided details regarding the suspect's arrest.