A sophisticated attack targeting a U.S. chemicals company, where threat actors exploited a critical SAP NetWeaver vulnerability to deploy the elusive Auto-Color backdoor malware.
The April 2025 incident represents the first documented case linking CVE-2025-31324 exploitation with Auto-Color deployment, highlighting the evolving threat landscape...
Vulnerabilities in enterprise Large Language Model (LLM) applications, demonstrating that sophisticated AI systems protecting sensitive corporate data can often be compromised with nothing more than polite conversation.
A comprehensive security analysis reveals that when LLMs are integrated into business applications with access to databases,...
Microsoft has unveiled a comprehensive defense-in-depth strategy to combat indirect prompt injection attacks, a growing cybersecurity threat targeting large language model (LLM) systems used in enterprise environments.
The tech giant's multi-layered approach combines preventative techniques, real-time detection tools, and impact mitigation strategies to protect...
A critical security vulnerability in Google's Gemini CLI tool allowed attackers to execute malicious commands on developers' systems without detection, potentially exposing sensitive credentials and compromising entire development environments.
The vulnerability, discovered by cybersecurity firm Tracebit just two days after the tool's release, has...
Three critical vulnerabilities in SonicWall's SMA100 series SSL-VPN appliances, highlighting persistent security vulnerabilities in network infrastructure devices.
The vulnerabilities, affecting firmware version 10.2.1.15, include two pre-authentication buffer overflow conditions and a cross-site scripting vulnerability, demonstrating what researchers describe as "trivially avoidable" programming errors that...
Apple's newly announced Containerization framework, introduced at WWDC 2025, represents a significant advancement for cybersecurity professionals and developers working on macOS systems.
This open-source Swift framework enables native Linux container execution through lightweight virtual machines, offering seamless integration with popular penetration testing distributions like...