Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests

Malwarebytes earned three PCMag wins and achieved 100% protection in AVLab Cybersecurity Foundation’s latest malware test.

Malwarebytes
Open in Source
#ios#android#windows#git
⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.

The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations

Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickly verify which alerts are truly malicious. As a result, analysts spend excessive time manually triaging alerts, the

8 Top Application Security Tools (2026 Edition)

The software revolution has redefined what’s possible in global business. Complex applications underpin e-commerce, healthcare, finance, transportation, and…

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an

A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same office, file sharing is enabled through an old protocol called SMB version one. It’s fast and

GHSA-2qfp-q593-8484: Brotli is vulnerable to a denial of service (DoS) attack due to decompression

Brotli versions up to 1.1.0 are vulnerable to a denial of service (DoS) attack due to decompression. This issue has been patched in Brotli version 1.2.0. Additionally, this affects users who implement the Brotli decompression with Scrapy versions up to 2.13.2, leaving them vulnerable to a denial of service (DoS) attack. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.

How scammers use your data to create personalized tricks that work

Attackers don’t need to hack you to find you. They just piece together what’s already public.

New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash. "It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed," Pino said in a

Fake PayPal invoice from Geek Squad is a tech support scam

Tina Pal wants a word about your PayPal account—but it's a scam. Here’s how to spot the red flags and what to do if you’ve already called.