One famous case of a major telecom player involved 10 million customer accounts being breached, and days later, an extortion demand for $1 million pounds cash was also made. The weak link? A forgotten ‘Zombie API.’

What is the worst that could happen if you don’t continuously test your web application for vulnerabilities? Imagine if 4 billion private messages from 650 million of your users were leaked online. This nightmare became a harsh reality for Discord in April 2024.

A new Cross-Site Request Forgery (CSRF) vulnerability has been discovered in PowerAdmin. This vulnerability poses a significant risk, potentially compromising user data and disrupting the designated functionality across roles.

Penetration Testing in cyber security is a vital process that aids in evaluating an application’s security through hacker-style exploitation to expose and assess security risks. Security risks can be present in various areas such as system configuration settings, and, login methods.

Modern software is built on the backs of APIs (Application Programming Interface). It unites separate bits of the web, allowing systems to communicate with each other. With APIs being used on such a wide scale, managing them becomes a mammoth task.

Vulnerability scanning is a process where an automated tool is used to scan IT networks, applications, devices, and other internal or external assets of an organization for known potential security loopholes and vulnerabilities. At the end of every vulnerability scan, you receive a report that documents the vulnerabilities that were found along with risk scores for each vulnerability and in some cases security recommendations.

Two vulnerabilities—stored XSS and insecure file upload— have been detected in the Alpha 0.5 version of CervantesSec. This article will outline what CervantesSec does, the vulnerabilities found, and its current status.

Cybersecurity is the most crucial curve in today’s rapidly evolving digital landscape, and all organizations of any size need to be at the forefront of it. With AI becoming mainstream, new emerging trends shape the cybersecurity industry daily.

Recently, Qualys identified a new remote unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems, nicknamed regreSSHion (CVE-2024-6387).

Cyber threats are getting more sophisticated and frequent. As a result, organizations are always looking for ways to outsmart cybercriminals. This is where artificial intelligence (AI) comes in handy. Artificial intelligence (AI) is transforming the cybersecurity landscape by offering faster, more precise, and more efficient means of identifying cyber threats.