CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...

Finding vulnerabilities is something the industry has done well, but remediating them hasn't been. Just look at how many ...

A cybersecurity researcher says Recall’s redesigned security model does not stop same-user malware from accessing plaintext ...

It's not even your browser's fault.

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

vulnerability affects Java version 7u7 and earlier. [ 'URL', 'http://blogs.technet.com/b/mmpc/archive/2012/11/15/a-technical-analysis-on-new-java-vulnerability-cve ...

schierlm / JavaPayload JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat ...

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...

An Australian national was sentenced to 87 months in a US prison for stealing trade secrets from a defense contractor and selling them to a Russian cyber-exploit broker. According to documents ...

The United States has intensified its response to zero-day exploits theft, announcing new sanctions against a Russia-linked cyber tools network accused of stealing sensitive U.S. trade secrets and ...

The U.S. government announced on Tuesday sanctions against two companies that acquire and resell zero-day exploits, as well as sanctioning their founders and their associates. Officials with the U.S.