Vulnerabilities | News, how-tos, features, reviews, and videos
The Indirector attack discovered by University of California San Diego researchers focuses on the indirect branch predictor of a CPU.
In a somewhat chilling revelation, AI agents were able to find and exploit known vulnerabilities, but only under certain conditions, which researchers say indicates they're not close to being a significant threat - yet.
Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response.
The company’s Patch Tuesday includes fixes for flaws in Windows Desktop Window Manager, Windows MSHTML, and Visual Studio, among others, that IT security orgs should prioritize.
Researchers found a deep, unpatchable flaw in virtual private networks dubbed Tunnelvision can allow attackers to siphon off data without any indication that they are there.
The rapid of exploitation of zero-day vulnerabilities, such as MOVEit, and the effectiveness of ransomware attacks are two of the major findings from last year’s breach data.
The Chinese APT group is using a variety of tools to infiltrate networks and steal large amounts of data.
The vulnerability found in GlobalProtect could be exploited to gain access to corporate networks and has seen a rise in compromise attempts despite being patched.
MagicDot technique allows attackers to capitalize on an already-patched vulnerability simply by changing the dots in a path.
Cisco fixes high-risk flaws in the out-of-band management controller of multiple products