Vulnerability

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild.

A warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service.

Google expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative AI systems.

NYC subway security flaw has been revealed, allowing anyone with knowledge of a user’s credit card number and expiry date to track all journeys.

Cybersecurity agencies warned about emergence of new variants of the TrueBot malware, targeting companies in the U.S. and Canada.

A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io.

Google released software updates to address yet another zero-day flaw high-severity vulnerability in its Chrome web browser.

North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver.

Drupal security warning of a vulnerabilities affecting several versions of Drupal that could allow an attacker to access sensitive information.

Microsoft Teams new vulnerabilities are another chink in the armor of applications that aim to be enterprise-grade communication platforms.