Security leaders consider banning AI coding due to security risks
92% of security leaders have concerns about the use of AI-generated code within their organization, according to Venafi. Tension between security and developer teams 83% of …
Hackers breaching construction firms via specialized accounting software
Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. …
Ghost: Criminal communication platform compromised, dismantled by international law enforcement
Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. …
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)
Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to …
CrowdSec: Open-source security solution offering crowdsourced protection
Crowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have two objectives: Provide …
Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …
The proliferation of non-human identities
97% of non-human identities (NHIs) have excessive privileges, increasing unauthorized access and broadening the attack surface, according to Entro Security’s 2025 State …
Cybersecurity jobs available right now: September 18, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security Engineer CHANEL | France | …
Organizations overwhelmed by numerous and insecure remote access tools
Organizations are combating excessive remote access demands with an equally excessive number of tools that provide varying degrees of security, according to Claroty. Data from …
Apple releases iOS 18, with security and privacy improvements
Apple has launched iOS 18, the latest significant iteration of the operating system powering its iPhones. Along with many new features and welcome customization options, iOS …
PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, …
Gateways to havoc: Overprivileged dormant service accounts
Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?