Security Bulletin

The Oregon Department of Environmental Quality was reported by Oregon Public Radio to have had almost 2.4 TB of data containing 1.3 million files with sensitive employee details exposed by the Rhysida ransomware gang following the agency's...

Cybernews reports that Nova Scotia Power, which is the primary electric utility in the Canadian province, had some of its IT systems taken down following a cyberattack that resulted in the disruption of customer account access.

Dan Gorecki and Scott Brammer's interactive session during RSAC Conference 2025 encourages security professionals to rethink their security postures and address evolving and emerging risks.

Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal's national airline in a campaign offering compensation for delayed or disrupted flights.

Secretary Noem asks the cybersecurity community to get in touch with CISA to help reshape the agency to focus on finding efficiencies.

Leaders at federal research organizations DARPA, ARPA-I, and ARPA-H discussed the myriad obstacles in addressing critical infrastructure security at RSAC Conference 2025.

Framing cybersecurity as a national security priority, the DHS Secretary defended Trump-era reforms, accused CISA of mission drift, and signaled sweeping changes to federal cyber oversight.

CISO Partrick Opet warns us all to stay skeptical: but there’s no going back to the legacy days before the cloud and AI.

More than 2,500 test runs show the code analysis capabilities and limitations of popular models.

Cobalt's Gunter Ollmann unpacks the findings from the State of Pentesting Report 2025.