GoDaddy researchers found WordPress malware using Steam Community profile comments to hide encoded command and control data, with nearly 1,980 sites affected.
Tag: community
Global Security News
KDE Linux security audit cuts kernel modules and unused packages
KDE Linux, the in-progress operating system from the KDE community, removed several kernel modules and software packages after a security audit of the components shipped with the system. The work followed the discovery of multiple security issues in the upstream Linux kernel during the prior month. Kernel and module changes Three contributors examined insecure and…
AI, Global Security News
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The development comes after a researcher named Chaotic Eclipse (aka Nightmare-Eclipse) disclosed details of multiple zero-day
AI, Global Security News
California amendment would exempt Linux from age verification law
The Linux community had raised concerns that the open-source nature of the software, lacking commercial ownership and centralized account infrastructure, would make enforcing such a policy difficult.
Exploits, Global Security News
You can now nominate vulnerabilities for CISA’s KEV with this form
CISA seeks to engage the wider community to more quickly identify active exploitation.
Global Security News
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. […]
Global Security News
Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin
AI, Cybersecurity, Global Security News
Do Ceasefires Slow Cyberattacks? History Suggests Not
The cybersecurity community is waiting with bated breath to see if Iranian hackers will honor a ceasefire that doesn’t actually name or directly involve them.
AI, Global Security News
Locals Are Using AI to Fight Data Centers Being Built in Their Backyards
Community activists in rural regions are leveraging artificial intelligence to assist in their battle against technology hyperscalers.
AI, APAC, Data Breaches, Endpoint, Global Security News, privacy, Risk Management
HIBP Mega Update: Passkeys, k-Anonymity Searches, Massive Speed Enhancements and a Bulk Domain Verification API
For a hobby project built in my spare time to provide a simple community service, Have I Been Pwned sure has, well, “escalated”. Today, we support hundreds of thousands of website visitors each day, tens of millions of API queries, and hundreds of millions of password searches. We’re processing billions of compromised records each year…
AI, Cybersecurity, Global Security News
All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.
Workshop Details… We’re looking forward to hearing from the community during our “Future Directions” Workshop! Date: March 31 – April 1, 2026 Where: NIST’s Gaithersburg campus! Registration and Details: HERE Can’t make it? We still want to hear from you – email us at IoTSecurity [at] nist.gov (IoTSecurity[at]nist[dot]gov). All Aboard for Product Cybersecurity The NIST…
AI, Global Security News, Risk Management
Severe Cyclone Narelle Category 5 Approaches with 260km/h Winds, as Readiness Becomes Critical
There is a particular kind of silence that settles over a community before a cyclone hits. It is not calm. It is anticipation. You hear it in the way people speak at the local servo, in the steady cadence of official briefings, in the quiet urgency of people preparing their homes. Far North Queensland is…
AI, Global Security News
VulHunt: Open-source vulnerability detection framework
Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly’s commercial Transparency Platform available to independent researchers and practitioners. What VulHunt does VulHunt Community Edition is a framework for detecting vulnerabilities in compiled software. It operates against multiple binary representations simultaneously, working across disassembly, an intermediate representation layer, and decompiled code. Targets…
AI, APAC, Apps, Compliance, Global Security News, malware, Network Security, privacy, Risk Management
Keeping Google Play & Android app ecosystems safe in 2025
Posted by Vijaya Kaza, VP and GM, App & Ecosystem Trust The Android ecosystem is a thriving global community built on trust, giving billions of users the confidence to download the latest apps. In order to maintain that trust, we’re focused on ensuring that apps do not cause real-world harm, such as malware, financial fraud,…
AI, Global Security News
Anthropic Takes Big Step in AI Race to Reshape College Coding Courses
The company behind Claude forged an alliance to put its AI tools in the hands of students at hundreds of community and state colleges.