A security researcher found a foolproof way to guarantee tech conferences accept his speaker submissions: hack their systems.
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while ...
Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message. BleepingComputer has learned that both ...
Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...
Novee researchers discovered an account takeover vulnerability in the open source CFP management tool Pretalx.
XSS (Cross-Site Scripting) and CSRF (Cross-Site Request Forgery) are the two web vulnerabilities most easily confused in the exam. They are easy to confuse because they both involve the "victim's ...
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The ...
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. Microsoft Exchange Server users are urged to immediately mitigate a ...
Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its publication they should notify vendors about a bug. A vulnerability in ...
The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...
TIP (Technical Internship Programme) details including status check, eligibility, benefits, premium rates and how to apply ...