Security Bulletin

Included in the stolen dataset were individuals' email addresses, mobile numbers, TikTok user IDs, usernames, nicknames, biographies, avatar URLs, profile links, account flags, and other metrics, according to Often9.

While the Canonical apport package flaw, tracked as CVE-2025-5054, could be leveraged to facilitate data leaks through PID-reuse, the systemd-coredump bug, tracked as CVE-2025-4598, could be abused to force crash a SUID process that would be replaced...

Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.

The US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better.

Megjelent a SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2025. júniusi száma, melyben bemutatjuk azt a rosszindulatú szoftvert (malware), amely lehetővé teszi a kiberbűnözők számára, hogy hozzáférjenek...

The identity security community is set to descend onto Las Vegas for the annual Identiverse security conference.

EDDIESTEALER uses obfuscated Rust code and dynamic C2 tasking to evade and adapt.

A "highly active" Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive sectors.

The US Treasury said cryptocurrency investment schemes like the ones facilitated by Funnull Technology Inc. have cost Americans billions of dollars annually.

Security pros say the attack represents an attempt to compromise MSPs and move laterally across the supply chain.