Security Bulletin

The remediated flaw gave adversaries a way to maintain access to the app through password resets.

Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.

Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks.

Experts say companies need to step up cybersecurity during ongoing U.S.-China tensions.

Customer data such as birth dates, credit card numbers and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.

Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers a novel backdoor, GrapeLoader.

True security isn't about meeting deadlines — it's about mitigating risk in a way that aligns with business objectives while protecting against real-world threats.

Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar.

This proactive strategy integrates security across every phase of the software development lifecycle, helping detect vulnerabilities early, reduce attack surfaces, and meet regulatory standards like GDPR and HIPAA.

Docker and Kubernetes lead adoption, used by 59% and 39% respectively.

This move allows users to run AI and analytics workloads directly on Iceberg tables while benefiting from Snowflake’s built-in governance and resiliency features.