A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg...

Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked the security clearances of everybody at...

Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. "Based on our investigation to date, certain files were taken from some of our internal U.S. business systems," a spokesperson...

British soldiers have successfully taken down drones with a radio-wave weapon. The demonstrator weapon, a type of Radiofrequency Directed Energy Weapon (RF DEW), uses high-frequency radio waves to disrupt the electronic components inside drones, resulting in...

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. This exposure is being reported by threat monitoring platform The...

Partner content A vast majority of security teams are overwhelmed by the large number of security alerts and vulnerabilities. As attack surfaces expand and adversaries evolve their tactics, it is becoming increasingly hard to separate noise from actual threat....

Here's what to know about malware that raids email accounts, web browsers, crypto wallets, and more – all in a quest for your sensitive data 16 Apr 2025  •  , 6 min. read In the world of cybercrime, information is a means to an end. And that end, more often...

MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity...

US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday. The 25-year-old CVE program plays a huge role in vulnerability management. It is responsible overseeing...

Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory...