A newly discovered attack on the HTTP/2 protocol, dubbed MadeYouReset, has been unveiled by researchers from Tel Aviv University and disclosed following coordinated reporting through Akamai’s bug bounty program. Although Akamai’s own HTTP/2 implementation...
The Muddled Libra network—also known as Scattered Spider or Octo Tempest—lacks the rigid hierarchy and centralized control typical of many cybercriminal organizations. Instead, it resembles a loosely connected community of individual threat actors, bound...
Researchers from University College London and the University of the Mediterranean in Reggio Calabria, Italy, have conducted the first large-scale investigation into privacy practices among generative AI assistants for web browsers, revealing that even...
Israel’s military intelligence unit, Unit 8200—specializing in cyber-espionage and electronic surveillance—has been using Microsoft’s cloud servers to store a vast archive of data on residents of Gaza and the West Bank. This trove, leveraged...
Google has announced that the protected KVM (pKVM) hypervisor, used within the Android Virtualization Framework, has become the world’s first software component for mass-market consumer electronics to achieve the SESIP Level 5 security certification....
Microsoft has alerted Windows 11 users to a new false notification that appears after installing the July 2025 preview update and subsequent 24H2 releases. The issue is linked to the CertificateServicesClient (CertEnroll) component and...
Microsoft has released a new video interview with Pavan Davuluri, head of Windows, in which he outlined the company’s vision for the platform’s evolution and the transformative role artificial intelligence will play. When asked...
Fortinet has disclosed a critical vulnerability in its FortiSIEM system, already accompanied by a working exploit circulating publicly. The flaw enables a remote, unauthenticated attacker to execute arbitrary commands on the targeted system, making...
The Matrix Foundation, the organization behind the eponymous federated communication protocol, has announced the release of an unscheduled update addressing two high-severity vulnerabilities which, if successfully exploited, could have had critical consequences. According to...
Although passkeys are promoted as a passwordless, phishing-resistant, and inherently secure authentication method, Proofpoint researchers warn that such protection can be bypassed with relative ease. Under certain conditions, an attacker can force a user...