Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)
CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day …
Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)
Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked …
Faster LLM tool routing comes with new security considerations
Large language models depend on outside tools to perform real-world tasks, but connecting them to those tools often slows them down or causes failures. A new study from the …
Your wearable knows your heartbeat, but who else does?
Smartwatches, glucose sensors, and connected drug-monitoring devices are common in care programs. Remote monitoring helps detect changes early and supports personalized …
How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector
ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several …
The next cyber crisis may start in someone else’s supply chain
Organizations are getting better at some aspects of risk management but remain underprepared for the threats reshaping the business landscape, according to a new Riskonnect …
Gartner predicts the technologies set to transform 2026
Gartner has unveiled its vision for the technologies that will define 2026, spotlighting the innovations and risks that business and IT leaders can’t afford to ignore. The …
Attackers target retailers’ gift card systems using cloud-only techniques
A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this …
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain …
Life, death, and online identity: What happens to your online accounts after death?
The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital …
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers …
For blind people, staying safe online means working around the tools designed to help
Blind and low-vision users face the same password challenges as everyone else, but the tools meant to make security easier often end up getting in the way. A study from the …
Featured news
Resources
Don't miss
- Radio signals could give attackers a foothold inside air-gapped devices
- Product showcase: RoboForm password manager for iOS
- LLMs are automating the human part of romance scams
- Superagent: Open-source framework for guardrails around agentic AI
- Security chaos engineering matters when nothing is broken