Security Bulletin

In the future, the cybersecurity landscape likely will depend not only on the ability of federal workforces to protect their agencies but also on their capacity to continuously develop and sharpen those skills.

A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.

Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, és Ivanti Security Access Client szoftvertermékeket érintő...

The second day of Semperis’ HIP conference featured frank advice about recovering from a ransomware attack, the nature of business resilience and the importance of identity security.

The proposed rules codify existing temporary directives requiring pipeline and railroad operators to report cyber incidents and create cyber risk management plans.

Frenos offers a zero-impact, continuous security assessment platform for operational technology environments.

An exploit using a poisoned model could enable exfiltration of sensitive fine-tuned LLM adapters.

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

In addition to his prison sentence, he will have to pay more than $1 million in restitution to his victims.

Group-IB says the "RustyAttr" trojan could potentially be used in future attacks once the attackers make it more robust.