Security Bulletin

AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can't be completely eradicated, but SecOps teams can take steps to at least limit the...

Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.

Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.

The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.

Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.

ConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company's disclosures don't explain what the vulnerability is and when it was first exploited.

SC Media opens nominations for its 12th annual Women in IT Security program, spotlighting leadership, resilience, and impact across the cybersecurity industry.

The US can't afford to wait for political consensus to catch up to technological change.

StateScoop reports that increasingly prevalent cybersecurity threats against Texas have prompted Gov. Greg Abbott to approve legislation establishing a new state Cyber Command at the University of Texas at San Antonio.

Congress has been urged by Federal Trade Commission Chair Andrew Ferguson to bolster its version of the Children's Online Privacy Protection Rule as the agency intensifies its clampdown on erring websites and service providers under its recently...

Valid account credentials without multi-factor authentication continued to be the dominant initial access vector in cyberattacks last quarter, accounting for 56% of all cybersecurity incidents during the first three months of 2025, Infosecurity...