General
20 articles
New GPUBreach attack enables system takeover via GPU rowhammer
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. [.
Audit finds governance, cybersecurity weaknesses in FAA systems
FedScoop reports that the Federal Aviation Administration was discovered by the Department of Transportation's Office of the Inspector General to have multip...
CISA to get significant budget cuts under Trump's fiscal 2027 budget
Funding for the Cybersecurity and Infrastructure Security Agency is set to be reduced by a total of $707 million in President Donald Trumps proposed budget f...
How we built Organizations to help enterprises manage Cloudflare at scale
Cloudflare Organizations is now in public beta, introducing a new management layer for enterprise customers with multiple accounts. Learn how we consolidated...
Cyber incident disrupts Massachusetts' emergency communications center
Massachusetts' Patriot Regional Emergency Communications Center disclosed that a cyberattack on a system linked to the emergency notification system CodeRED ...
Total takeover of Nvidia GPU-based devices possible with novel Rowhammer attacks
Machines running high-performance Nvidia GPU cards, which are prevalent in cloud environments, could be completely hijacked through three new Rowhammer intru...
Extensive compromise facilitated by dozens of illicit npm packages
Thirty-six malicious npm packages masquerading as Strapi CMS plugins have been spreading multiple payloads enabling Redis and PostgreSQL abuse, reverse shell...
Evolving Russian cyberattacks against Ukraine detailed
Attacks launched by Russian threat actors against Ukraine were noted by Ukraine's Computer Emergency Response Team to have been evolving during the past year...
1Kosmos achieves DoD Impact Level 4 authorization for identity platform
1Kosmos has secured U.S.
Identity, access controls central to modern protection, execs say
As World Cloud Security Day highlights cloud-related risks, executives from Docusign, BeyondTrust, and Saviynt argue that identity, data sovereignty, and bas...
FBI: Cyber fraud surges to $17.6 billion in losses as scams, crypto theft soar
Cyber-enabled fraud was behind 85% of all losses reported to the FBI in 2025 and constituted 45% of the 1,008,597 complaints it's IC3 unit received overall.
Why Every Enterprise Needs a Risk Operations Center (ROC)
Enterprise security has long optimized for speed of response over prevention of risk. At Qualys, we recognized early that this left half the problem unsolved...
Big tech vows to continue CSAM scanning in Europe despite expiration of law allowing it
Microsoft, Google, Meta and Snapchat released a statement on Friday saying they “reaffirm their continued commitment to protecting children and preserving pr...
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com.
New Mexico’s Meta Ruling and Encryption
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general: If...
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting ...
First stalkerware maker prosecuted since 2014 receives no jail time
Bryan Fleming, founder of pcTattletale, was ordered to pay a $5,000 fine by a San Diego federal judge and will spend no time in prison beyond the one day he ...
pcTattleTale stalkerware maker sentence includes fine, supervised release
Bryan Fleming won’t face prison time for a count to which he pled guilty in January, in a rare case of a successful U.S.
MCP isn't a protocol problem. It's an identity crisis nobody is treating.
MCP’s real risk isn’t protocol flaws — it’s missing identity, leaving AI actions untraceable.