Researchers have demonstrated what they call the “first active contactless attack against capacitive touchscreens.” GhostTouch, as it’s called, “uses electromagnetic interference (EMI) to inject fake touch...
Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe “Pantsdown” Baseboard Management Controller (BMC) flaw, according to new research published today. “An...
Two trojanized Python and PHP packages have been uncovered in what’s yet another instance of a software supply chain attack targeting the open source ecosystem. One...
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially...
In this day and age, we are not dealing with roughly pieced together, homebrew type of viruses anymore. Malware is an industry, and professional developers are...
Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don’t...
A security researcher claims to have discovered an unpatched vulnerability in PayPal’s money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed...
Multiple versions of a WordPress plugin by the name of “School Management Pro” harbored a backdoor that could grant an adversary complete control over vulnerable websites....
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821...
Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems....
