Search Results
Showing results for "seo" (616 articles found)
Autonomous Offensive Security Firm XBOW Raises $35 Million
XBOW, a firm focused on autonomous offensive security, raised $35 million. The funding serves as an extension to its prior Series C round. This capital infusion supports the company’s efforts in developing systems for automated security testing and offensive operations. The announcement appeared on SecurityWeek, confirming the raise occurred before May 7, 2026. XBOW operates...
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti Endpoint Manager Mobile (EPMM) users face risks from limited real-world attacks exploiting a high-severity vulnerability. The issue, tracked as CVE-2026-6973, enables remote code execution and grants administrative access to affected systems. Ivanti confirmed the flaw’s exploitation on May 6, 2026, urging immediate patching. What Happened: Ivanti detected the vulnerability in EPMM versions prior to...
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October…
The Best DAST & SAST Tools
Tools for Dynamic and Static Application Security Testing help developers harden their source code. We show you the best tools for this purpose. The software supply chain, or rather its vulnerabilities, has caused quite a stir in recent years. A particularly headline-grabbing example is the attack on the IT service provider SolarWinds, which affected more than 18,000 customer companies.…
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
ScarCruft, a North Korean hacking group, has compromised a gaming platform to distribute BirdCall malware targeting Android and Windows devices. Security researchers detected the operation, which uses the platform to deliver the payload through malicious updates and downloads. Attack Details: The hackers breached the gaming platform’s servers, injecting malicious code into legitimate apps and update...
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
Security researchers have confirmed active exploitation of a remote code execution vulnerability in Weaver E-cology software, tracked as CVE-2026-22679. Attackers are targeting the product’s debug API, allowing unauthorized code execution on affected systems as of early May 2026. Vulnerability Details: The flaw resides in the debug API of Weaver E-cology, an enterprise application used for...
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
A threat actor tracked as UAT-8302, linked to China, has targeted government entities in multiple regions with shared advanced persistent threat (APT) malware, cybersecurity researchers report. The group deploys the same malware samples against official networks in Asia, Europe, and the Middle East. This activity points to coordinated operations spanning borders, according to a recent...
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Security researchers have confirmed active exploitation of CVE-2026-29014 in MetInfo CMS, enabling remote code execution on affected servers. Attackers have targeted unpatched installations worldwide since early May 2026, according to multiple threat intelligence reports released this week. Attack Details: The vulnerability resides in MetInfo CMS, an open-source content management system used by thousands of websites....
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
Researchers scanned one million exposed AI services and found widespread security failures. The assessment, detailed in a report released this week, shows many services lack basic protections against unauthorized access. Scan Details: The team examined publicly accessible AI endpoints, including inference servers and model hosting platforms. They identified over 1 million instances running without authentication....
Physical Cargo Theft Gets a Boost From Cybercriminals
Reports from logistics security firms indicate cybercriminals now assist physical cargo theft rings by providing real-time tracking data and access codes, leading to a sharp rise in incidents across major shipping routes in early 2026. Recent Incidents: Cargo theft cases involving cyber elements have increased by double digits in the first quarter of 2026, according...