Microsoft Edge password saving practice raises security concerns
The browser reportedly converts saved passwords into plaintext within the computer's memory as soon as the application launches, making them vulnerable to un...
SC Media
20 articles
California man sentenced to over 6 years for role in $250 million cryptocurrency heist
The criminal ring targeted individuals believed to hold significant cryptocurrency between late 2023 and early 2025, using social engineering to gain access ...
U.S. oil and gas sector faces OT security challenges post-Operation Epic Fury
A survey of OT decision-makers in the U.S.
US military data exposed in leaky directory despite CISA notification
The exposed data, belonging to US government contractor CMI Management Inc., was found via an open directory listing vulnerability following a tip to Cybernews.
DDoS attacks surge during Milano Cortina 2026 Winter Games
During the Winter Games period, from February 6 to February 23, 2026, attack volumes were six to 10 times higher than historical levels, peaking at over 2,20...
Romanian national extradited to US for 17-year-old hacking scheme
Sandu appeared in a U.S.
UIDAI and NFSU forge 5-year cybersecurity and digital forensics partnership
This strategic alliance, formalized on May 5 in Ahmedabad, establishes a framework to enhance cyber resilience within UIDAI's digital identity ecosystem.
Children easily bypass online age verification systems, report finds
The report highlights that children are aware of multiple methods to bypass these checks, either through personal experience or peer knowledge.
Analysis reveals concerning features in official White House app
A security researcher known as Thereallo has found that the app can inject code into third-party websites, effectively hiding cookie consent banners, GDPR no...
Tanium and ServiceNow partner for autonomous IT operations
The collaboration merges Tanium's real-time endpoint intelligence with ServiceNow's workflow orchestration to address the gap between IT visibility and action.
Fragmented DDoS campaign bypasses defenses with novel 'low and slow' approach
The attack, identified by DataDome's Galileo threat research team, utilized a vast infrastructure, distributing traffic across over 1.2 million unique IP add...
Apache fixes critical HTTP/2 vulnerability allowing remote code execution
The vulnerability, identified as CVE-2026-23918 with a CVSS score of 8.8, is a double-free error within the HTTP/2 implementation.
Herd Security raises $3 million for AI-powered security training
Founded in 2025, Herd Security provides an agentic AI platform designed for continuous security awareness training.
Boost Security acquires 2 startups, raises $4 million for AI defense platform
Boost Security has acquired SecureIQx, an MIT-founded startup specializing in software composition analysis reachability, and Korbit Technologies, an AI-driv...
CISA urges critical infrastructure to plan for prolonged service delivery during emergencies
CISA is warning that state-sponsored hackers, specifically Chinese groups known as Salt Typhoon and Volt Typhoon, pose a continuous threat to vital sectors s...
India's securities regulator warns of AI-driven cyberattack risks
The Indian regulator's advisory specifically addresses the risks posed by AI-driven vulnerability identification tools, such as Claude Mythos.
New Quasar Linux implant targets developers with rootkit and backdoor capabilities
QLNX is designed for stealth and long-term persistence, operating in-memory and employing multiple techniques to evade detection, including log wiping, proce...
The human factor: Why AI-powered SOCs still need people in charge
AI agents shouldn't replace human security analysts but instead augment them.
The vulnerability flood is here. Patching won't save you.
AI-driven vulnerability discovery is outpacing patch cycles, forcing defenders to prioritize detection.