Security Bulletin

If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected.

At Identiverse 2025, Protect AI CISO Diana Kelley warned that artificial intelligence may be powerful, but it’s not always right. When it comes to identity, hallucinations can be dangerous — and trust must be earned.

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back against incident response...

Department of Justice indicts 25 year-old UK resident behind "IntelBroker" identity behind 40-plus cases.

Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system.

Insights from 18 months of cloud pentests reveal consistent failure patterns—and how security teams can evolve from checklist-driven practices to attacker-informed defense.

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.

Traditional security audits aren’t enough—cloud pentesting provides the real-world validation modern environments need to uncover dangerous blind spots and reduce risk. Here's how.

Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead.

National Security Agency senior executive Patrick Ware has been appointed as the U.S. Cyber Command's new executive director, replacing Morgan Adamski, who was noted to be entering the private sector.

The U.S. Department of Justice announced that Kansas City man Nicholas Michael Kloster has entered a guilty plea over his involvement in attacks against several organizations that had been conducted to promote the cybersecurity services he has been...

Hackread reports that UK national Kai Logan West, also known as IntelBroker, has been tracked down and charged by the FBI following a two-year probe into his illicit cyber activities.