Security Bulletin

While Microsoft has noted that leveraging the flaw — which was discovered by Microsoft employees Apoorv Wadhwa, Gautam Peri, and an anonymous researcher — could allow privilege escalation without authentication, additional details regarding its...

Malicious ads with time-limited offers and countdowns have been leveraged by threat actors to lure downloads of the predatory loan apps, which would seek unneeded permissions for SMS, contact, call record, phone storage, calendar, microphone, and...

Russian programmer Mikhail Pavlovich Matveev — who has been accused of being involved with the LockBit, Hive, and Babuk ransomware operations — has reportedly been apprehended and indicted by Russian authorities for developing data encrypting...

Alder Hey Children's Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed.

The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.

Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

Fixes have been released by IBM to address numerous product vulnerabilities, the most serious of which are a pair of high-severity remote code execution bugs in its Data Visualization Manager and Security SOAR offerings, reports SecurityWeek.

Nearly 50% of over 200,000 WordPress sites with the Spam protection, Anti-Spam, FireWall by CleanTalk plugin were discovered to remain impacted by a pair of critical authorization bypass vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781...

SiliconAngle reports that a Netcraft study has revealed an increase in the use of artificial intelligence large language models in crafting fake online stores and deceptive content during the Black Friday shopping period.

Active intrusions involving a critical web security flaw impacting Array Networks AG and vxAG secure access gateways have resulted in the bug's inclusion into the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities...