An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiPortal may allow an authenticated attacker to view unauthorized device information via key modification in API requests. Revised on 2025-06-10...
Read More
Security startups of all stripes submitted applications for Black Hat USA’s Startup...
Read MoreCybersecurity researchers have uncovered multiple security flaws in Dell’s ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic...
Read MoreCybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer...
Read MoreCybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks....
Read More