Two malicious versions of Axios, the most downloaded JavaScript HTTP client library, were briefly published to NPM and contained a cross-platform RAT. Google has attributed the attack to suspected North Korean threat actor UNC1069.
API attacks surged 68% year-over-year as organizations struggle with shadow APIs, broken authorization, and inadequate rate limiting. Our analysis covers the key findings from the latest industry data.
Zero trust has moved from buzzword to operational reality. This practical guide covers the core principles, implementation roadmap, and common pitfalls of building a zero trust architecture.
Supply chain attacks have surged dramatically, targeting the trust relationships between software vendors, open-source ecosystems, and end users. We examine the evolving threat landscape and strategies for defense.
Google has released an emergency patch for a high-severity V8 type confusion vulnerability actively exploited in targeted attacks. All Chromium-based browsers are affected.
A major data breach at fintech startup PayNova has exposed payment card data and transaction histories for approximately 3 million users, raising serious questions about startup security practices and PCI DSS compliance.
Threat actors are leveraging large language models and deepfake technology to craft highly personalized phishing attacks at unprecedented scale. Traditional detection methods are struggling to keep pace.
The latest analysis of global internet traffic reveals that automated bot traffic accounts for 49.1% of all web requests, with malicious bots representing a growing share. E-commerce and financial services remain the most targeted sectors.
A comprehensive guide to implementing HTTP security headers — CSP, HSTS, X-Frame-Options, and more — with practical configuration examples for Apache, Nginx, and Cloudflare, plus common mistakes to avoid.
The European Union is tightening its data privacy framework with new regulations that go beyond GDPR. Here is what businesses operating in or serving EU markets need to understand about the latest compliance requirements.