News related to computer security, privacy and data protection
A critical failure in Ninja Forms' premium File Uploads plugin for WordPress is being exploited in practice and can allow attackers to upload arbitrary files without authenticatio…
A recent incident once again focuses on a risk that companies continue to underestimate: the integration of third parties as means of mass access to sensitive data. According to r…
In recent months, a large-scale cyber-espionage operation has come to light that has taken advantage of domestic routers and small poorly protected offices to "recognize from with…
U.S. security agencies issued an urgent call: a group of Iran-related actors are targeting Rockwell / Allen-Bradley's programmable logical controllers (PLCs) accessible from the I…
A coordinated international operation between authorities and private companies has disarticulated a sophisticated campaign that used domestic and small office routers to redirect…
A new malicious campaign has shown how a tool designed to experiment with stable dissemination models can become a gateway for large-scale criminal operations. Security researcher…
When we talk about the security of credentials, we tend to look at the spectacular: avoid a leak at a millionaire cost. It is understandable: Report on the cost of IBM 2025 data l…
In recent months the security community has turned its eyes to an old acquaintance: the RowHammer. What until recently seemed to be a major memory problem (DRAM) has now made a di…
In the last few months, a rule that every security officer should have in place has become evident: when a malicious actor combines speed, technical knowledge and access to zero-d…
