Biztonsági szemle

In response to mounting cybersecurity risks targeting critical infrastructure, two U.S. Senators have introduced a bipartisan bill aimed at bolstering cyber resilience across the energy sector.

FedScoop reports that the General Services Administration's identity verification platform Login.gov was found by the Government Accountability Office to have inadequate backup data testing processes, even if it excelled in metrics concerning data...

Attackers exploiting a critical Roundcube webmail software vulnerability concealed for a decade could achieve vulnerable system takeovers and arbitrary code execution, according to The Hacker News.

Sean Plankey and Sean Caincross, who were nominated by President Donald Trump to hold the Cybersecurity and Infrastructure Security Agency director and national cyber director positions, respectively, have been separately endorsed by a pair of...

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

TechCrunch reports that Qualcomm has fixed a trio of zero-day vulnerabilities leveraged in ongoing attacks, as part of updates that also remediated other security issues across dozens of its chipsets.

Hewlett Packard Enterprise has released the latest version of its disk-based de-duplicating backup system StoreOnce to remediate eight security flaws, led by the critical authentication bypass vulnerability, tracked as CVE-2025-37093...

Google cites "patterns of concerning behavior" with China- and Hungary-based certificate authorities.