Biztonsági szemle

Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn't doing enough to deal with the looming crisis. Bugcrowd's Trey Ford, expert Adam Shostack, and CVE historian...

Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.

A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions.

Attackers are becoming faster at exploiting vulnerabilities, but this startup seeks to stop threats before they lead to breaches.

The deal shakes up the identity and access management landscape and expands Palo Alto Networks' footprint in the cybersecurity market.

The US government is throwing the book at even midlevel cybercriminals. Is it just — and is it working?

An unsealed indictment associated with the Chinese threat group shows its members worked for companies closely aligned with the PRC as part of a larger contractor ecosystem.

A year after the largest outage in IT history, organizations need to make an active effort to diversify their technology and software vendors and create a more resilient cyber ecosystem moving forward.

A brand-new cyberattack vector allows threat actors to use a poisoned browser extension to inject malicious prompts into all of the top generative AI tools on the market, including ChatGPT, Gemini, and others.

The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.

The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption.

A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44.