The Industrialization of Exploitation: Why Defensive AI Must Outpace Offensive AI

Today, vulnerabilities can be discovered, connected, and operationalized at a speed that traditional security processes were never designed to match. Learn more...

EUVD-2025-10912

Malicious code in bioql PyPI...

CVE-2025-29792 Microsoft Office Elevation of Privilege Vulnerability

...

CISA: Three Ps of Voting

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections

Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver BYOVD to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast...

When Guardians Become Predators: How Malware Corrupts the Protectors

When Guardians Become Predators: How Malware Corrupts the Protectors By Trellix · November 20, 2024 This blog was also written by Trishaan Kalra Introduction We often trust our security software to stand as an unbreakable wall against malware and attacks, but what happens when that very wall is...

Microsoft security experts outline next steps after compromise recovery

Who is CRSP? The Microsoft Compromise Recovery Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the...

Microsoft security experts outline next steps after compromise recovery

Who is CRSP? The Microsoft Compromise Recovery Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the...

MegaCortex continues trend of targeted ransomware attacks

MegaCortex is a relatively new ransomware family that continues the 2019 trend of threat actors developing ransomware specifically for targeted attacks on enterprises. While GandCrab apparently shut its doors, several other bespoke, artisanal ransomware families have taken its place, including...

BBC Inside Out. Consumer advice for the ‘smart’ homeowner

We were recently asked to demonstrate security flaws in a smart home for the BBC Inside Out TV show. We’ve done this before, so what was different? This home was by far the most connected we had looked at. Typically, homes have a few smart devices; a smart thermostat, CCTV, maybe a doorbell and...

Rig Exploit Kit 3.0 Claims 1 Million Malvertising Victims

LAS VEGAS – A rampant malvertising campaign fueled by a new version of the Rig Exploit Kit has claimed at least 950,000 victims worldwide and is doing so with an unprecedented success rate. Researchers at Trustwave said in advance of this week’s Black Hat conference that they have been watching...

The Challenge of Starting an Application Security Program

Since organizations started opening their internal applications to the Web, a little more than a decade ago, it became clear that the security of those connected applications would be more complex – and critical to get right – than before. Unfortunately, through complacency, perhaps a feeling tha...