Mar 24, 2025Ravie LakshmananVulnerability / Cloud Security
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes...
Mar 24, 2025Ravie LakshmananEnterprise Security / Browser Security
Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for...
Mar 24, 2025Ravie LakshmananMalware / Ransomware
A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched on March 7, 2025.
"The...
Mar 24, 2025Ravie LakshmananPassword Security / Compliance
If given the choice, most users are likely to favor a seamless experience over complex security measures,...
Mar 24, 2025Ravie LakshmananMalware / Encryption
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to...
Mar 24, 2025Ravie LakshmananWeekly Recap / Hacking
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started...
Mar 24, 2025Ravie LakshmananVulnerability / Web Security
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited...
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into...
Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service...
