Biztonsági szemle

AI agents and GenAI-driven fuzzing tools are already discovering flaws in open-source software.

While the archived projects remain available for download, users will be provided a warning banner to help them make informed dependency choices. PyPI aims to enhance supply-chain security by preventing attackers from hijacking abandoned projects and...

Hangzhou DeepSeek Artificial Intelligence and Beijing DeepSeek Artificial Intelligence, which support the chatbot service, have been sought by Garante to provide details not only on the types of gathered personal information, used sources, and server...

Chinese-owned social media apps Xiaohongshu, also known as RedNote, and Lemon8 — both of which gained traction across the U.S. ahead of the temporary TikTok ban last month — have also been restricted in all devices provided by the Texas state...

Treasury's payment system "simply cannot fail, and any politically-motivated meddling in them risks severe damage to our country and the economy," said Wyden in a letter to Treasury Secretary Scott Bessent, which also noted the cybersecurity risks...

Attackers who targeted Casio UK's website between Jan. 14 and 24 deployed a two-stage skimmer that consisted of an unobfuscated loader purporting to be a third-party script that triggers the second-stage skimmer that not only encrypted and...

Operations of the firm's client delivery services have not been interrupted by the incident, which has not yet been claimed by any ransomware gang, noted Tata Technologies in a notification filed with India's national stock exchange.

Attacks involved luring targets looking for "Microsoft Ads" and other similar terms on Google Search into clicking on nefarious sponsored links, which redirect to a phishing page resembling the "ads.microsoft[.]com" site that seeks users' login...

Attackers were discovered by Microsoft to have deployed a password spraying intrusion compromising USAID's global admin account in a test environment to establish another account before commencing cryptomining activities exploiting Azure resources...

Here are five ways we can respond to concerns around DeepSeek.

In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims.