Security Bulletin

Infiltration of a single user's email in a phishing attack between May 8 and May 9 allowed threat actors to compromise individuals' names, addresses, Social Security numbers, contact information, financial account details, health information...

The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks.

Numerous servers belonging to Kurita America have been compromised with ransomware beginning Nov. 29, resulting in the exfiltration of data belonging to its customers, employees, and business partners, according to a statement from the company, which...

Attackers were also able to exfiltrate and encrypt certain files as a result of the systems breach, said Artivion in a filing with the Securities and Exchange Commission, which noted that efforts to recover systems that have been shut down following...

Banking trojan gives attackers access to corporate credentials, apps, and data when employees run remote access sessions on their Androids.

Today, we face a formidable challenge: what was once a tool intended for seamless interaction has now become fertile ground for cyber threats and malicious actors.

Because the streaming service website offers no content restrictions, attackers are able to hijack and manipulate live streams.

The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.

The software supply chain is a growing target, and organizations need to take special care to safeguard it.

A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack.

A ransomware group called Brain Cipher claims to have stolen more than a terabyte of compressed data.

The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.