Security Bulletin

Bad package takes aim at AI apps that contain MacOS data, CI/CD pipelines, and AWS tokens.

Journalists' Microsoft accounts were breached, which would have given attackers access to emails of staff reporters covering national security, economic policy, and China.

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.

Here’s how automation can secure the organization’s documents.

AI-generated synthetic identity fraud is accelerating at an unprecedented pace, reshaping the global threat landscape and exposing gaps in traditional identity verification systems, TechRadar reports.

A former employee of Evoke Wellness in Hilliard, Ohio, is facing criminal charges for allegedly stealing and selling the personal data of at least 240 addiction treatment patients, reports Cybernews.

Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience.

A surge in financial aid fraud fueled by artificial intelligence is overwhelming U.S. community colleges, leaving identity theft victims like Heather Brady and Brittnee Nelson saddled with loans they never applied for, reports the Associated Press.

Tools for Humanity, the identity verification startup co-founded by OpenAIs Sam Altman, is bringing its iris-scanning Orbs to the UK as part of its broader global expansion, according to Fortune.

SiliconANGLE reports that Veza has launched a new Nonhuman Identity Security product to help enterprises manage the growing challenge of machine identities across cloud, SaaS, on-premise, and hybrid environments.

TechCrunch reports that 23andMe has been acquired by co-founder and former CEO Anne Wojcicki's nonprofit TTAM Research Institute for $305 million after leading U.S. biotechnology firm Regeneron Pharmaceuticals, which was initially reported to...

Businesses around the world continued to be most concerned about the threat of cyberattacks in the coming year, according to Cybersecurity Dive.