vulnerabilities

The emergence of DarkSword and Coruna — new malware targeting iOS — shows exactly how government intelligence tools are being repurposed as weapons for cybercriminals. We break down how these attacks work, why they’re so dangerous, and what you can do to not get infected.

How the AirSnitch vulnerability family threatens corporate networks, and what changes you need to make to your network architecture and settings to stay protected.

How to manage vulnerabilities when developing or using open-source software.

How the AI boom and increasing reliance on open-source components are piling up corporate security debt — and what you can actually do about it.

In 2025, just as in the year prior, supply-chain attacks remained one of the most severe threats facing organizations. We’re breaking down last year’s most noteworthy incidents.

How open-source security solutions became the starting point for a massive attack on other popular applications, and what organizations that use them should do.

Intellexa’s Predator spyware can hide camera and microphone usage indicators on iOS devices. Here’s a look at how it pulls it off.

We’re diving into why mental health apps have become a headache for their users, and how to minimize the risks of medical data leaks.

An in-depth analysis of CVE-2026-3102, a vulnerability posing a potential threat to anyone processing images on a Mac.

Kaspersky SIEM got a set of correlation rules for detecting attempts to exploit vulnerabilities for authentication bypass in Fortinet products.

What is the year 2038 problem — also known as “Unix Y2K” — and how to prepare corporate IT systems for it?

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?

How researchers hacked DeckMate 2 card shufflers, and how the mafia exploited those very vulnerabilities to cheat at poker.

Researchers have discovered how to connect to someone else’s dashcam in a matter of seconds, and weaponize it for future attacks.

Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.

We examine how popular Canon printers could become a foothold for attackers within an organization’s network.

Pixnapping is an Android vulnerability discovered by researchers that allows apps to steal passwords, one-time codes, and other confidential information from the screen without any special permissions from the operating system. How does it work, and what can you do to protect yourself?

Researchers have discovered that 50% of data transmitted via satellites is unencrypted. This includes your mobile calls and texts, along with banking, military, government, and other sensitive information. How did this happen, and what can we do about it?

Can hackers really hijack your car in 2025?

Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.

Phoenix, a new variant of the Rowhammer attack, makes it possible to attack DDR5 memory modules.