The emergence of generative Artificial Intelligence (AI), such as text-to-image, text-to-speech, and Large Language Models (LLMs), has created new security challenges and risks.

Joseph Ravichandran, a Ph.D. student at the Massachusetts Institute of Technology (MIT) and an Apple Vision Pro user, says they have discovered vulnerabilities in the popular Augmented Reality (AR) headset.

A critical supply chain bug in Bazel, Google's open-source software development tool, allowed hackers to insert malicious code.

Student rideshare startup HopSkipDrive has recently confirmed a data breach involving the personal data of more than 155,000 drivers.  Los Angeles-based HopSkipDrive offers an Uber-style rideshare service for children and teenagers.

A flaw was discovered in Flysmart+ Manager, one of several apps in the Flysmart+ suite used by Airbus pilots to synchronize data with other Flysmart+ apps that inform pilots about safe takeoffs and landings.

A new variant of the Mispadu banking Trojan is exploiting a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico.

The rise in teens committing cybercrimes on a large scale and causing real harm in the process should not be ignored.

Fuzzing can be an effective tool for identifying zero-day vulnerabilities in software.

The Pennsylvania Courts system has recently been hit by a cyberattack, taking down parts of its website.  The Administrative Office of Pennsylvania Courts revealed via social media that the service had suffered a denial of service (DoS) attack.

Multiple attackers are currently exploiting a Server-Side Request Forgery (SSRF) vulnerability in Ivanti Connect Secure and Ivanti Policy Secure, tracked as CVE-2024-21893.

Three faculty members from UC San Diego's Department of Computer Science and Engineering (CSE) are some of the first academic researchers worldwide to receive Google's Trust and Safety Research Award.

Mastodon, the free and open-source decentralized social networking platform, has recently fixed a critical vulnerability that allows attackers to impersonate and take over any remote account.