Zeljka Zorz
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Attackers breached Statcounter to steal cryptocurrency from gate.io users
Web analytics company Statcounter and cryptocurrency exchange gate.io have been compromised in another supply-chain attack, which resulted in an unknown number of gate.io …
How task management and easy collaboration can help your security team
Many individuals struggle with organizing their day-to-day work. In instances where they are expected to perform many disparate tasks, disorganization could end up being fatal …
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
How financial institutions can change the economics of fraud
In 2017, the number of identity fraud victims in the United States has risen to nearly 17 million. As the US became the last of the G20 countries to adopt Chip and …
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Vulnerabilities’ CVSS scores soon to be assigned by AI
The National Institute of Standards and Technology (NIST) is planning to use IBM’s Watson to evaluate how critical publicly reported computer vulnerabilities are and …
USB threat vector trends and implications for industrial operators
In an attempt to make industrial control systems less accessible to attackers, industrial players are limiting network access and increasingly using USB media devices to …
Cisco security appliances under attack, still no patch available
A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company …
Apple releases security updates, says new MacBooks will disconnect microphone when lid is closed
Apple unveiled new Macs and iPads on Tuesday and has pushed out security updates for macOS (Mojave, High Sierra, Sierra), iOS, watchOS, tvOS, Safari, iTunes, and iCloud for …
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
Featured news
Resources
Don't miss
- Microsoft reveals critical Windows Admin Center vulnerability (CVE-2026-26119)
- Data on 1.2 million French bank accounts accessed in registry breach
- Bug in widely used VoIP phones allows stealthy network footholds, call interception (CVE-2026-2329)
- PromptSpy: First Android malware to use generative AI in its execution flow
- Open-source benchmark EVMbench tests how well AI agents handle smart contract exploits