Please turn on your JavaScript for this page to function normally.
passwords
Many popular websites still cling to password creation policies from 1985

A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. …

GenAI
Researchers automated jailbreaking of LLMs with other LLMs

AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an …

Best EDR of the market
Open-source AV/EDR bypassing lab for training and learning

Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode …

open-source software
Open-source vulnerability disclosure: Exploitable weak spots

Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are …

Apple
Apple news: iLeakage attack, MAC address leakage bug

On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as …

Network Flight Simulator
Network Flight Simulator: Open-source adversary simulation tool

Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility. The tool …

iPhone
Apple offers security researchers specialized iPhones to tinker with

Apple is inviting security researchers to apply for its Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the …

VPN
Almost all VPNs are vulnerable to traffic-leaking TunnelCrack attacks

Several vulnerabilities that affect most VPN products out there can be exploited by attackers to read user traffic, steal user information, or even attack user devices, …

North Korea
North Korean hackers breached Russian missile development firm

North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The …

keyboard
Keystroke sounds can betray passwords

Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high …

AWS
Attackers can turn AWS SSM agents into remote access trojans

Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual …

White House
US companies commit to safe, transparent AI development

Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move …

Don't miss

Cybersecurity news