Security Bulletin

Idan Plotnik, co-founder and CEO of Apiiro, discusses his company's application security platform's role in the AI era with Paul's Security Weekly co-host Jeff Man during RSAC 2025.

At RSAC 2025, experts say Secure by Design is delivering real wins — yet unchecked development speed and supply chain risks still threaten progress.

CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.

Details are scarce, so security experts say jumping to conclusions on who executed the alleged cyberattack is premature.

Campaigns lure victims with rewards in exchange for handing over their personal information.

The FBI has sought public information that would help identify Chinese state-backed Salt Typhoon hackers, reiterating an up to $10 million bounty from the U.S. State Department's Rewards for Justice Program for any details that would help in the...

Reuters reports that the U.S.'s cybersecurity defenses were regarded by former Cybersecurity and Infrastructure Security Agency Director Jen Easterly to be increasingly vulnerable against threats following President Donald Trump's retaliatory actions...

Critical Planet Technology switch vulnerabilities pose total takeover risk Total network device compromise is possible with attacks exploiting critical flaws impacting Planet Technology's network management systems and switches, reports Hackread.

Organizations using Ivanti Connect Secure and Pulse Secure VPN systems have been urged to update their instances following a ninefold increase in suspicious IP scanning activity recorded on Apr. 18, The Register reports.

Threat actors have been combining a pair of critical Craft CMS vulnerabilities to facilitate server compromise as part of ongoing attacks, according to BleepingComputer.

Security Affairs reports that cloud tenants in the education industry have been targeted by the Storm-1977 threat operation in password spraying attacks that facilitated cryptomining activities during the past 12 months.