The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

The industry is moving toward fixing the private key vulnerability issue, just not evenly, Wish Wu, co-founder and CEO of ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even ...

I'd like to thank my coauthors Adrian Schipor, Victor Vrabie, Marius Baciu, and Martin Zugec for their invaluable contributions to this research. This research provides a direct look at the new ...

2:47 AM. November 2023. My phone rings. "We just failed the SOC 2 audit. The finding: 'Customer PII in S3 not encrypted with auditable key access controls.' But... we DO have encryption enabled.

Secure coding refers to the practice of writing source code for software applications in a manner that actively prevents the introduction of security vulnerabilities. It is a proactive approach ...

In today's digital landscape, where security breaches and data leaks are all too common, safeguarding sensitive information like system user credentials is more crucial than ever. One of the most ...

It’s easy to take data security for granted. We’ve all left desktop computers logged in while unattended, momentarily misplaced mobile devices or sent sensitive files via email. However, the internet ...