Security Bulletin

While a connection between DeepSeek and ByteDance has been established, the extent of transferred data remains uncertain, said the PIPC to South Korea's Yonhap News Agency. Such a development comes more than a week after a Security Scorecard report...

Infiltration of an internal secure file platform between Oct. 31 and Nov. 8 enabled the threat actor to pilfer a limited number of individuals' names and financial account details, said Finastra in its notification letter given to the Massachusetts...

Insight Partners disclosed immediately acting to contain and remediate the breach of some of its systems upon its discovery on Jan. 16, adding that an investigation has revealed no evidence suggesting persistent access to the impacted systems while...

Aside from impacting printed publication distribution, such an intrusion — which was not acknowledged as a ransomware attack — also interrupted billing, collections, and vendor payments, while temporarily limiting online operations, according to Lee...

TA2727's attack campaign, which were discovered in late January, entailed the insertion of malicious "Update" buttons on legitimate websites, which when clicked trigger automated DMG file downloads and the evasion of macOS Gatekeeper to eventually...

Despite featuring the same keystroke logging, screenshot capturing, and clipboard data gathering capabilities as earlier versions, such novel Snake Keylogger variant leverages an AutoIT-compiled binary as an executable file, which allows more...

Attacks conducted by BlackLock, which could be this year's most active ransomware group, involve the distribution of proprietary malware against Windows, VMware ESXi, and Linux systems for double extortion, an analysis from Reliaquest revealed.

By taking several proactive steps, boards can improve their organization's resilience against cyberattacks and protect their critical OT assets.

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

Acquisition strengthens Deepwatch Platform capabilities with actionable insights and risk-based prioritization.

Security consultancy Quarkslab said that the flaw could allow threat actors to bypass USB lockouts.

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.