Google Protocol Buffers flaw turns schemas into shells
A widely used JavaScript implementation of Google’s Protocol Buffers format is placing too much trust in […]
15 tough cybersecurity questions every CISO must answer
As CISOs know, an effective security program cannot be static. Rather, it must adapt to the […]
Why most enterprise security teams would fail a military readiness test
Have you ever watched a military cyber ops team go to work responding to a cyberattack […]
HTTP/2’s speed abused to slow webserver performance in DoS attack
Security researchers are warning of an issue with the default HTTP/2 configuration used by major web […]
Ukraine’s foreign minister offer recipe for improved resilience
Cybersecurity professionals were offered lessons of resilience in the most extreme circumstances from Ukraine’s former minister […]
Microsoft identifies seven new ways AI agents can be hacked
Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it […]
Patching fast and slow: Ruby devs delay to defend against supply chain attack
The team behind RubyGems, a package hosting site for Ruby developers, has added a new feature […]
Anthropic Warning: AI Could Help Build Its Own Successors Sooner Than Expected
Anthropic warns AI systems may soon help build their own successors, raising new questions for AI […]
Malware could drain your fuel tank as well as your bank account
Ongoing cyber-attacks on automated tank gauges (ATGs) could result in fuel tanks being drained without businesses […]
Cyber Deception ROI: Metrics Security Leaders Should Actually Care About
Security leaders are under constant pressure to prove value. The kind that shows up in reduced […]