Security Bulletin

The rollout of new rules around the Cybersecurity Maturity Model Certification by the U.S. Department of Defense is pushing government contractors to upgrade their internal security practices and protections

The malicious package also uses Unicode steganography to evade detection.

Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.

Fraudsters worldwide apply for money from the US government using stolen and forged identities, making off with hundreds of billions of dollars annually.

CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild.

Google suspects Scattered Spider targeted UK retailers Marks & Spencer, the Co-op and Harrods.

This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q1 2025. It was last updated on May 15, 2025.JanuaryWe terminated 12 YouT…

As threat actors continue to hop on the train of exploiting CVE-2025-31324, researchers are recommending that SAP administrators patch as soon as possible so that they don't fall victim next.

The Record reports that Marks & Spencer may seek up to $133 million in cyber insurance coverage after a major digital incident disrupted operations last month, highlighting the scale of financial damage such attacks can cause.

Law enforcement agencies from five countries, with support from Europol and Eurojust, have dismantled a transnational crime syndicate that defrauded over 100 individuals of more than 3 million through fake investment schemes, Infosecurity Magazine...

We're at an inflection point. AI is changing the game, but the rules haven't caught up.