vulnerabilities

Recent research describes a method for snooping on what Apple Vision Pro users enter on the virtual keyboard.

A zero-day vulnerability actively exploited by attackers has been discovered in Internet Explorer — the browser that Microsoft supposedly laid to rest over a year ago.

Someone is targeting security experts using an archive that allegedly contains an exploit for the regreSSHion vulnerability.

The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.

A new vulnerability allows remote attackers to gain root privileges on Linux servers. How easy is it for CVE-2024-6387 to be exploited – and how to prevent it

Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.

Today we discuss which services and applications should be patched first, and what attackers are focusing on.

Kaspersky ICS-CERT experts have discovered several critical vulnerabilities in Telit Cinterion M2M modems, which are used in millions of devices.

A backdoor implanted into XZ Utils has found its way into popular Linux distributions.

We review a recent research paper highlighting a major hardware vulnerability in Apple M1, M2, and M3 CPUs.

Commercial spyware — what it is, how it infiltrates devices, what it can do once inside, and how to defend against it.

Our experts found that a popular children’s toy robot contained vulnerabilities allowing malicious actors to make video calls to it, steal the parental account, and modify the firmware.

A look at the biggest ransomware attacks of 2023.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

A vulnerability in the glibc library affects most major Linux distributions.

Time to update Fortra GoAnywhere MFT: an exploit has been developed for a critical vulnerability that allows attackers to bypass authentication and create admin accounts.

Ethical hackers told 37C3 how they found a few eye-openers while breaking DRM to fix trains.

Cars are sharing much more information about you than you realize

Detailed analysis of Operation Triangulation, the most sophisticated attack our experts have ever seen, presented at 37C3 conference.

A serious vulnerability in UEFI firmware relevant to a large number of modern computers, and even servers.

A researcher has discovered a vulnerability in the Bluetooth protocol implementations for Android, macOS, iOS, and Linux, allowing devices to be hacked remotely.