WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.

The Tycoon 2FA phishing platform’s operations have been largely unaffected by the recent law enforcement takedown attempt.

Last Thursday, the federal government introduced Bill C-22, An Act Respecting Lawful Access. It marks the 10th attempt by successive governments to establish a framework under which law enforcement ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the ...

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Contractors are a vital part of any successful Gordian Job Order Contracting (JOC) program. They are instrumental in helping ...

Beware! Shadowy attackers have been using an iOS exploit to hack vulnerable devices.

Stop putting your API keys everywhere ...

Since November, shadowy attackers have been using the 'DarkSword' iOS exploit to hack vulnerable iPhones on certain iOS 18 ...

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.