There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...

SportAdmin, a Swedish software supplier to sports clubs, has been fined €565,000 for failing to provide an appropriate level ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Cybersecurity researchers have discovered a vulnerability in Google’s Gemini AI assistant that allowed attackers to leak private Google Calendar data ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...

Cybersecurity experts share insights on securing Application Programming Interfaces (APIs), essential to a connected tech world.

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...

Financial applications, ranging from mobile banking apps to payment gateways, are among the most targeted systems worldwide. In 2025 alone, the Indusface State of Application Security Report revealed ...

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new ...

An AWS misconfiguration in its code building service could have led to a massive number of compromised key AWS GitHub code repositories and applications, say researchers at Wiz who discovered the ...