A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability ...

Threat actors are building fully automated attack pipelines in which new exploit code is simply fed to the system —or even ...

Applications built by citizen developers using no-code platforms expand the attack surface without the same checks and balances as traditional development.

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially ...

Hackers have been using AI for years now to conduct individual tasks such as crafting phishing emails or scanning the ...

As MCP servers become more popular, so do the risks. To address some of the risks many vendors have started to offer products ...

A SBOM must be treated as a living document, updated with every code change, new release, or patch. Threat actors won't ...

A major vulnerability is the "patch gap"—the often-months-long delay between when software vendors release security fixes and ...

Discover the security risks in vibe-coded applications as we uncover over 2,000 vulnerabilities, exposed secrets, and PII ...

Every year, cyber-attacks cost businesses billions of dollars and over 80% of security breaches are linked to software vulnerabilities that could have been found with proper penetration testing tools.

Currently in private beta, the GPT-5-powered security agent scans, reasons, and patches software like a real researcher, ...