Cybersecurity specialists published a report detailing the finding of what they describe as a “design flaw” in the Fast Identity Online (FIDO) passwordless authentication system. The report, titled “Provable SecurityRead More →

Shadowserver Foundation, a non-profit security organization dedicated to collecting and analyzing data on malicious Internet activities, undertook a project to scan the Internet for Kubernetes API servers, finding some 380kRead More →

A recent research has shown that various tracking, marketing and analytics companies have collected the email addresses of users who fill out web forms before their responses are sent andRead More →

In its latest security alert, the Cybersecurity and Infrastructure Security Agency (CISA) has compiled a list of the most popular free security tools and services, which can be used byRead More →

In a statement, the U.S. Department of Homeland Security (DHS) announced the launching of “Hack DHS”, a new vulnerability bounty program that will allow the ethical hacking community to discoverRead More →

Pip-audit is a tool developed in collaboration with Google for scanning Python environments and detecting possible known security flaws. According to cybersecurity experts, Pip-audit uses the PyPi JSON API forRead More →

A few months ago a group of researchers discovered the ChaosDB vulnerability, a severe flaw in the Azure Cosmos DB database solution whose exploitation would allow threat actors to accessRead More →

Cisco Talos cybersecurity researchers report the detection of an espionage campaign against the airline industry, using hacking tools such as AsyncRAT and other remote access Trojans (RATs). This campaign, identifiedRead More →