Security Bulletin

Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.

Two Mitel MiCollab bugs were added to the KEV catalog, while a patched Oracle WebLogic Server exploit is still under threat.

"Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.

Attackers are abusing a Microsoft 365 feature to send payment requests to users, tricking them into logging in to their accounts so attackers can seize control over them.

It’s clear that stationary views of identity security are no longer helpful.

In a recent blog post, ESET highlighted the heightened security risks tied to the termination of updates for Windows 10 scheduled for October 2025 and noted that cybercriminals are likely to exploit vulnerabilities once support ends.

The outage mainly affected users in Moscow, who experienced interruptions to mobile, cable internet, and television services.

The issue impacted Nessus Agent versions 10.8.0 and 10.8.1 and rendered agents offline in regions including the Americas, Europe, and Asia. Tenable halted plugin updates to contain the problem and later released version 10.8.2 to address the shutdown...

The attacks, which targeted key sectors such as telecommunications, transportation, and defense, have disrupted vital government services and heightened concerns about Taiwan’s digital vulnerabilities.

In a virtual meeting with China’s Vice Premier He Lifeng, U.S. Treasury Secretary Janet Yellen expressed serious concern regarding alleged malicious cyber activities perpetrated by actors sponsored by the People’s Republic of China.