Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.

Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation ...

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise.

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.

The National Institute of Standards and Technology (NIST) has selected a fifth algorithm (HQC) to add to its PQC portfolio.

US officials said they have not determined who was behind an apparent cyberattack on the social media platform X.

The rise of DeepSeek brought immense potential for innovation and growth, but has also created opportunities for scammers to ...

Zoom has patched five vulnerabilities in its Workplace and Rooms applications, including four high-severity flaws.

A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year.

The Trump administration has cut millions of dollars in federal funding from two cybersecurity initiatives, including one ...