FBI Confirms 630 Million Stolen Passwords — How To Check Yours Now

The FBI has confirmed that 630 million stolen passwords were found on devices belonging to a single hacker. Here's how to check if yours is one of them.
Developer Tech

Log4j downloads shows supply chain wake-up call ignored

Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn't the wake-up call it should have been.
Cyber Defense Magazine

From Noise to Signal: Making Static Application Security Testing (SAST) Work for Devs

In 2025, the average data breach cost in the U.S. reached $10.22 million, highlighting the critical need for early detection ...
InfoQ

InfoQ Java Trends Report 2025

This report summarizes how the InfoQ Java editorial team and several Java Champions currently see the adoption of technology ...

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External ...
SecurityWeek

Unpatched Gogs Zero-Day Exploited for Months

Threat actors have exploited a zero-day vulnerability in the Gogs self-hosted Git service to compromise over 700 ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
SecurityWeek

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery

Google has observed five China-linked threat groups exploiting the recently disclosed React2Shell vulnerability in their ...

Three critical vulnerabilities patched by SAP - here's what we know

The most critical bug fixed this time is a code injection vulnerability discovered in SAP Solution Manager ST 720, a specific ...