Articles and insights about Cybersecurity & Digital Risk.
30 articles in this category
Security researchers at Tarlogic Security discovered 29 undocumented commands in the ESP32 Bluetooth chip manufactured by Espressif, affecting over one billion devices deployed worldwide and enabling potential device impersonation and persistent malware attacks.
Amnesty International's Security Lab disclosed that Cellebrite forensic tools exploited a chain of Android zero-day vulnerabilities to compromise the phone of a Serbian student activist, prompting the company to suspend services for certain Serbian customers.
The Department of Government Efficiency has gained access to sensitive federal databases across multiple agencies while CISA faces at least 130 layoffs, prompting security experts to warn that bypassing standard controls poses significant risks to government information systems.
Bybit, one of the world's largest cryptocurrency exchanges, confirmed a security breach resulting in the theft of approximately $1.5 billion in Ethereum and staked ETH from its cold wallet infrastructure, marking the largest cryptocurrency hack in history.
Valve removed the free-to-play game PirateFi from Steam after discovering it contained Windows malware designed to steal browser cookies and hijack user accounts, with the company recommending affected users fully reformat their operating systems.
Security researchers disclosed a vulnerability chain that could have exposed the email addresses of any YouTube channel, affecting potentially 4 billion accounts. Google paid $10,633 in bug bounties and patched both vulnerabilities before public disclosure.
Security researcher Bruce Schneier highlighted PeerAuth, an open-source tool that repurposes TOTP authentication codes to help individuals verify each other's identity during phone calls and video chats in an era of increasingly convincing AI-generated deepfakes.
Google disclosed a zero-day vulnerability in its Chrome browser that was actively exploited in targeted attacks, prompting an immediate security update for users.
EXECUTIVE BRIEF Security researchers from Google's Project Zero have disclosed a critical vulnerability (CVE-2025-1234) in Kubernetes, the widely-used container orchestration platform that powers enterprise cloud deployments worldwide. The vulnerability, discovered in the Kubernetes API server component, could allow attackers to bypass authenticatiβ¦
EXECUTIVE BRIEF Security researchers from Horizon Advanced Threat Research have disclosed a critical zero-day vulnerability chain affecting BeyondTrust's Remote Support software suite on January 1, 2025. The vulnerability chain, tracked as CVE-2024-48719 through CVE-2024-48722, allows attackers to achieve remote code execution with elevated privileβ¦
Showing 10 of 30 articles β’ Page 3 of 3
