WordPress Plugin Used in 1M+ Websites Patched to Close Critical Bug
The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.
Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.
Search across headline titles and summaries.
Background for this topic.
Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.
For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.
The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week
New data shows cyberattacks targeting software supply chains will cost the global economy $80.6 billion annually by 2026.
The threat is coming from inside the supply chain Black Hat Asia Threat groups have infected millions of Androids worldwide with malicious firmware before the devices have even been shipped from their manufacturers, according to Trend Micro researchers at Black Hat Asia.…
The findings come from security researchers at Cisco Talos
Disconnect between security and business goals had negative consequences for 89% of respondents and increased the success of cyberattacks at one in four companies.
Adding a single character to a function in the previous Outlook patch rendered that fix useless, researchers say.
Security researchers have shared a new Python-based ransomware recovery tool named 'White Phoenix' on GitHub, which lets victims of ransomware strains that use intermittent encryption recover their files for free. [...]
Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass integrity protections on targeted machines
What can you do if someone steals your keys but you can't change the lock? We explain the dilemma in plain English.
The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022
Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks
The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign