Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be more transparent about supply chain relationships between components used when building a software product.
Microsoft has issued an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Software maker Adobe has rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities, some serious enough to cause arbitrary code execution attacks.
Cybersecurity firm Emsisoft has released free decryptor tools for AstraLocker, a “smash-and-grab” ransomware family that was recently retired.
OpenSSL has issued an urgent advisory to warn of a memory corruption vulnerability that exposes servers to remote code execution attacks.
The vulnerability, tracked as CVE-2022-2274, was introduced in OpenSSL 3.0.4 and could potentially allow malicious hackers to launch remote code attacks on unpatched SSL/TLS server side devices.
Faced with a surge in state-sponsored mercenary spyware attacks targeting its flagship iOS platform, Apple plans to add a new ‘Lockdown Mode’ that significantly reduces attack surface and adds technical roadblocks to limit sophisticated software exploits.
Security researchers at ReversingLabs are warning of a “significant escalation in software supply chain attacks” after discovering more than two dozen malicious NPM packages siphoning user data from mobile and desktop applications.
The United States Department of Defense (DoD) has launched a one-week bug bounty program to reward researchers who find high- and critical-severity vulnerabilities in publicly accessible assets owned by the DoD.
Security automation startup Swimlane on Wednesday announced it has raised $70 million in a Series C funding round that brings the total investment in the company to $170 million.
A new variant of the Hive ransomware written using the Rust programming language is more evasive and provides attackers with flexibility, courtesy of support for command-line parameters.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
