Security Bulletin

Such active intrusions have prompted the flaw's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate unpatched instances by Oct. 23.

NIST standardized three algorithms for post-quantum cryptography. What does that mean for the information and communications technology (ICT) industry?

The threat landscape will only get worse in the months and years ahead – here’s how to prepare the company’s response to inevitable cyberattacks.

The FIN7 group is mounting a sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes out of photos.

CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say.

Armed with a staggering arsenal of at least 20,000 different exploits for various Linux server misconfigurations, perfctl is everywhere, annoying, and tough to get rid of.

Generative AI is being used to make cyberscams more believable. Here's how organizations can counter that using newly emerging tools and reliable methods.

More than 267,000 internet-exposed routers are likely vulnerable to exploitation.

If properly executed, the exploit would allow an attacker to obtain remote code execution on the target server.

Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un's regime.

Organizations can use this guide to make decisions about designing, implementing, and managing OT environments to ensure they are both safe and secure, as well as to enable business continuity for critical services.

All an attacker needs to exploit flaws in the Common Unix Printing System is a few seconds and less than 1 cent in computing costs.