Simply patching isn’t enough to prevent threat actors from exploiting SSL-VPN MFA Bypass CVE-2024-12802; here’s what you need to know.

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a ...

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

18 kits, a 37x spike in detections, and every major AiTM vendor adding it to their platform: device code phishing has gone from espionage-grade to criminal commodity. Join Push Security's VP of R&D ...

Welcome to AxonASP 2.1, the definitive, high-performance runtime for executing Microsoft Classic ASP and VBScript in GoLang. We didn't just update the engine; we completely reinvented it. If you ...

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

A production-grade Node.js microservice that automates the full lifecycle of multi-domain (SAN) SSL certificates using the Let's Encrypt ACME protocol (RFC 8555). dns/ ├── src/ │ ├── api/ │ │ ├── ...

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...

EU sets out plans to reduce reliance on US cloud providers The European Commission on Wednesday unveiled a package of measures to boost competitiveness around the development of AI, cloud and chips.

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...