Open-source vulnerabilities are on the rise, but enterprises are struggling to effectively prioritize and remediate these threats.
IBM X-Force discovered a zero-day remote code execution vulnerability in TP-Link Wi-Fi extenders that could enable an attacker to command a device.
In addition to oil and gas companies, the XENOTIME threat group has begun targeting electric utility organizations located in the U.S. and elsewhere.
In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.
Application containers can reduce costs and streamline software development, but they also increase the attack surface, necessitating strict adherence to container security best practices.
Threat actors could use a recently discovered Windows 10 zero-day flaw to take over a computer and bypass local privilege escalation.
The new BlackSquid malware is capable of abusing eight notorious exploits in its attempts to install the XMRig Monero miner.
Threat actors have launched a new malware campaign that uses an MitM attack to infect unsuspecting users with the Plead backdoor.
Whether you're a small startup or an international enterprise, a successful application security program involves more than just scanning for vulnerabilities.
Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.