89% of AI-powered APIs rely on insecure authentication mechanisms

APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings,... Read more »

How to use Hide My Email to protect your inbox from spam

Hide My Email is a service that comes with iCloud+, Apple’s subscription-based service. It allows users to generate one-time-use or reusable email addresses that forward messages to their personal... Read more »

Aquabot variant v3 targets Mitel SIP phones

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based... Read more »

U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free... Read more »

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

The Chinese firm said training the model cost just $5.6 million. Alibaba Cloud followed with a new generative AI model, while Microsoft alleges DeepSeek ‘distilled’ OpenAI’s work. Read more »

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has... Read more »

Critical remote code execution bug found in Cacti framework

A critical flaw in Cacti open-source network monitoring and fault management framework that could allow remote code execution. Cacti is an open-source platform that provides a robust and extensible operational... Read more »

Swimlane Vulnerability Response Management offers risk-based prioritization

Swimlane announced Vulnerability Response Management (VRM) Solution that extends beyond siloed vulnerability management by offering risk-based prioritization, exploit intelligence and recommended remediation workflows. Swimlane AI automation solutions combine the... Read more »

DeepSeek’s popularity exploited by malware peddlers, scammers

As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of the cost,... Read more »

Attackers actively exploit a critical zero-day in Zyxel CPE Series devices

Experts warn that threat actors are actively exploiting critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as... Read more »
Subscribe to our Newsletter