Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.

Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation ...

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise.

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.

The National Institute of Standards and Technology (NIST) has selected a fifth algorithm (HQC) to add to its PQC portfolio.

A UK government analysis of current best practices for OSS and supply chain risk management finds weaknesses in current ...

US officials said they have not determined who was behind an apparent cyberattack on the social media platform X.

Zoom has patched five vulnerabilities in its Workplace and Rooms applications, including four high-severity flaws.

The rise of DeepSeek brought immense potential for innovation and growth, but has also created opportunities for scammers to ...

The existence of Volt Typhoon came to light in May 2023, when Microsoft reported that the group, which the tech giant linked ...