Menu



Latest articles

Fake call logs, real payments: How CallPhantom tricks Android users ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down
May 8, 2026
Fixing the password problem is as easy as 123456 How come it’s still possible to ‘secure’ an online account with a six-digit string?
May 8, 2026
Worm rubs out competitor’s malware, then takes control
May 8, 2026
‘Dirty Frag’ Linux flaw one-ups CopyFail with no patches and public root exploit
May 8, 2026
Meta U-turns on encryption push for Instagram as DMs go plaintext
May 8, 2026
Important: git-lfs security update
May 8, 2026
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in remote code execution, privilege escalation, denial of service or information disclosure. For Debian 11 bullseye, these problems have been fixed in version 2.4.67-1~deb11u1.
May 8, 2026
Hackers ate my homework: Educational SaaS Canvas down after cyberattack
May 8, 2026
Lua could be made to crash or run programs as your login if it opened a specially crafted file.
May 8, 2026
Meta fights Ofcom over how many billions count as billions
May 8, 2026
Sri Lanka makes 37 arrests as it raids another scam centre
May 8, 2026
12 model-level deep cuts to slash AI training costs
May 8, 2026
When cloud giants meddle in markets
May 8, 2026
Python isn’t always easy
May 8, 2026
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes “Content-Length” over “Transfer-Encoding: chunked” when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse
May 8, 2026
Validate RSA_public_encrypt() result in RSASVE
May 8, 2026
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes “Content-Length” over “Transfer-Encoding: chunked” when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse
May 8, 2026
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6253-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6254-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6255-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6256-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6257-1
May 8, 2026
Mozilla boasts Mythos boosted Firefox bug cull
May 7, 2026
https://security-tracker.debian.org/tracker/DSA-6249-1
May 7, 2026
The best new features in Python 3.15
May 7, 2026
Anthropic response to 1-click pwn: Shouldn’t have clicked ‘ok’
May 7, 2026
Container Security Misconfigurations That Still Go Unnoticed
May 7, 2026
60% of MD5 password hashes are crackable in under an hour
May 7, 2026
Teradata launches platform for enterprise AI agents moving beyond pilots
May 7, 2026
CrackArmor AppArmor Flaws Put Linux Containers and Snap Sandboxes at Risk
May 7, 2026
Developing a Successful Open Source Security Information Management System
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
May 7, 2026
May 7, 2026
The network password was a key plot point in one of the most famous movies of all time
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
The hidden cost of front-end complexity
May 7, 2026
Three skills that matter when AI handles the coding
May 7, 2026
MongoDB targets AI’s retrieval problem
May 7, 2026
https://security-tracker.debian.org/tracker/DSA-6250-1
May 7, 2026
https://security-tracker.debian.org/tracker/DSA-6251-1
May 7, 2026
https://security-tracker.debian.org/tracker/DSA-6252-1
May 7, 2026
Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired
May 6, 2026
ServiceNow clears agents for landing with new AI control tower
May 6, 2026
Arctic Wolf kicks 250 employees out of the pack to save money for AI
May 6, 2026
1 in 8 employees totally cool with selling work credentials
May 6, 2026
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games
May 6, 2026