Security Bulletin

A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.

Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on...

A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it's downright difficult to count them all.

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

As federal cybersecurity leadership falters, the private sector must take charge of national cyber resilience through frameworks, collaboration, and bold new leadership.

BleepingComputer reports that Fourlis Group, which operates IKEA stores in Greece, Bulgaria, Romania, and Cyprus, has lost $22.8 million in sales following a ransomware attack just two days before Black Friday, which disrupted store and e-commerce...

Washington state-based diagnostic testing services provider Laboratory Services Cooperative, which mainly caters to Planned Parenthood centers in 31 states, had information from 1.6 million individuals exfiltrated following a data breach in October...

Dutch information services firm Wolters Kluwer which counts American Airlines, BP, Boeing, and other Fortune 500 firms among its clients had its systems claimed to have been compromised in a cyberattack, which allegedly resulted in the theft of...

Organizations leveraging the Rockwell Automation Industrial Data Center, Inaba Denki Sangyo CHOCO TEI WATCHER mini-industrial cameras, and Hitachi Energy MicroSCADA Pro/X SYS600 have been urged by Cyble to remediate various critical and high-severity...

Rapid7 researchers have disclosed how attacks aimed at vulnerable Ivanti Connect Secure VPN instances impacted by the critical flaw, tracked as CVE-2025-22457, could result in remote code execution less than a week after a Chinese threat operation...

Already patched Fortinet FortiGate devices impacted by the CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762, continued to provide read-only access to threat actors who established a symbolic link between the user file system and root file system in...