The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Aggregating 6743 articles from trusted cybersecurity sources
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an i...
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
Posted by Nathan Parker, Chrome security team Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challen...
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025,...
Identity is effectively the new network boundary. It must be protected at all costs.
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advan...
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into tr...
Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.
Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.
Hackers reportedly gained access to HSIN servers in late May and early June, potentially exposing sensitive but unclassified information.
Hackers gained access to Aflac Japan's systems between June 15 and June 25, stealing personal information from the company's policyholder portal.
A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S.
Healthcare device firm Medtronic is notifying affected customers about a data breach that exposed their personal data to an unauthorized third party. [.
The controversy surfaced when former Huntress analyst Ben Folland alleged that a current employee disclosed law enforcement inquiries to Devman, a ransomware...
A complaint unsealed this week accuses a 19-year-old of participating in incidents including a breach of a "luxury-jewelry retailer" in 2025.
Intruder has announced the launch of its Free plan, providing security, IT, and DevOps teams ongoing access to professional-grade vulnerability management, c...
The Gentlemen ransomware group has emerged in 2026 as a highly adaptive and technically sophisticated ransomware-as-a-service (RaaS) operation targeting larg...
Aflac Japan has notified regulators that policy details and personal and banking information have been compromised
Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign
Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected.
Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25. The post Aflac Japan Data Breach Impacts 4.