Steve Zurier

Users of the popular file transfer app from Progress Software used by 1,700 software companies and 3.5 million developers are urged to patch immediately.

ReversingLabs researchers say the ability to execute malicious Python byte code files poses yet another supply chain risk.

The vulnerability dubbed "Migraine" by Microsoft researchers could let attackers automatically bypass system integrity protection in the macOS. Apple patched the bug on May 18.

A trojan module was distributed on 101 Google Play apps as a marketing software development kit (SDK) with at least 420 million downloads.

If ChatGPT were poisoned for months, would we know about it?

Dig Security researchers said the flaw could have let attackers escalate privileges to a sysadmin role on a container, allowing access to GCP data.

Cado Security researchers believe Legion was developed in Indonesia with an eye toward selling it to other attackers for exploiting cloud services.

Trend Micro researchers say new kernel was an updated version that included inherited samples from earlier research published by Mandiant, Sophos, and Sentinel One.

The vulnerability exists in versions prior to 2.54 of KeePass 2.x and exposes the risk of malicious actors recovering the clear text master password from various memory sources.

Users who already have TikTok installed are exempt from the new law, a major reason security pros believe it will be impossible to enforce, since users can download the app over the next several months before the law goes into effect, download it in another state once the law goes live, or use a VPN.