Security Bulletin

The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department's Office of Foreign Assets Control.

Any sense that macOS computers are immune from attacks is a farce, say security researchers.

The suit regarding Google’s “Web App & Activity” tracking options is scheduled for an August trial.

Cybersecurity experts say artificial intelligence will not just assist in coding , but will take the lead in many aspects of cybersecurity and business operations.

Join us Friday, Jan. 10 at 9:45 ET for liveblog coverage of this pivotal Supreme Court hearing. We will provide real-time updates, expert analysis, and key takeaways as the event unfolds.

CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats.

While the security flaw — which could be abused to facilitate arbitrary code execution — also impacts Ivanti Policy Secure versions older than 22.7R1.2 and Ivanti Neurons for ZTA Gateways older than 22.7R2.3, such devices have not been subjected to...

More files are being continuously added to the bucket, which has remained unprotected since its discovery in June, according to Cybernews researchers who disputed the purportedly end-to-end encrypted nature of the stored logs.

Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers, driver's licenses, taxpayer IDs, payment details, and health and health insurance and billing data...

Unauthorized access to the database prompted the exfiltration of recruitment-related information from April 2016 to July 2024, including applicants' names, birthdates, email addresses, and employment history, but not their financial details...

Additional details regarding the incident, which was initially reported by independent tech news outlet 404media, remain uncertain but cybersecurity researchers John Hammond of Huntress and Marley Smith of RedSense have confirmed the veracity of the...

Infiltration of PowerSchool's PowerSource customer support portal via stolen credentials enabled threat actors to access a maintenance access tool enabling entry to SIS instances and the eventual exfiltration of data such as names and addresses, as...