Security Bulletin

Massachusetts teen Matthew Lane has admitted guilt over his involvement in the massive attack against online education software provider PowerSchool in December, according to NBC News.

BleepingComputer reports that the newly emergent VanHelsing ransomware-as-a-service operation has released its affiliate panel, data leak site, and Windows encryptor source codes after "th30c0der", one of its old developers, attempted to peddle such...

China and North Korea-aligned groups account for more than half of global attacks, and an increasing number of countries look to cyber to balance power in the region.

A vulnerability in Oracle database communications could allow an unauthenticated user to access system memory contents.

Phishing pages targeting mobile devices showed up at the top of Google search results.

Researchers noted that they found several similar websites, two of which are still operating and require the same kind of behavior on behalf of the victim.

Malware exported the victims' KeePass password databases to drop ransomware on VMWare ESXi datastores.

A hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 square meters.

TenableOne now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of the organization's attack surface.

Regeneron's acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations governing the transfer of genetic information.

An employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply chain attack aimed at delivering the recently revived initial-access loader.