OWASP’s 2021 List Shuffle: A New Battle Plan and Primary Foe
Code injection attacks, the infamous king of vulnerabilities, have lost the top spot to broken access control as the worst of the worst, and developers need to take notice. In…
Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within…
At least 13 phone firms hit by suspected Chinese hackers since 2019, say experts
LightBasin hackers were able to obtain subscriber information and call metadata, says CrowdStrike At least 13 phone companies around the world have been compromised since 2019 by sophisticated hackers who…
A New Variant of FlawedGrace Spreading Through Mass Email Campaigns
Cybersecurity researchers on Tuesday took the wraps off a mass volume email attack staged by a prolific cybercriminal gang affecting a wide range of industries, with one of its region-specific…