Security Bulletin

Most of the exposed secrets were GitHub install action tokens but their 24-hour expiration has restricted exploitation opportunities.

After achieving initial access by targeting vulnerable internet-exposed web and application servers, UAT-5918 utilized tools previously associated with Volt Typhoon and Flax Typhoon to facilitate lateral movement, credential and data theft, and...

Attackers, tracked under the UAC-0200 threat cluster, leveraged the Signal messaging app to deliver messages purportedly containing minutes of the meeting reports as archive files.

Threat actors have leveraged fake mailing-related apps to facilitate the distribution of Betruger, which has been integrated with network scanning, keylogging, privilege escalation, credential dumping, and other capabilities prevalent in tools often...

Exploitation of the the static credential flaw through the use of simple fixed passwords could facilitate the compromise of a log file exposed by the information disclosure bug.

The time to secure foundations, empower teams, and make cyber resilience the standard is now — because the cost of waiting is far greater than the investment in proactive security.

Tisztelt Ügyfelünk! A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) riasztást ad ki a Microsoft szoftvereket érintő kritikus kockázati besorolású sérülékenységek kapcsán, azok súlyossága, kihasználhatósága és a szoftverek...

Tisztelt Ügyfelünk! A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki az Adobe szoftverfejlesztő cég termékeit érintő sérülékenységekkel kapcsolatban, azok súlyossága, valamint az egyes biztonsági hibákat...

One out of every 1,000 devices it encounters have either been rooted (Android) or jailbroken (iOS).

A massive cybercrime network known as "VexTrio" is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.

The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.