Security Bulletin

SecurityWeek reports that the Oregon Department of Environmental Quality had more than 2.5 TB of data claimed to have been compromised by the Rhysida ransomware operation in an attack last week following the agency's assertion that none of its data...

Newly emergent artificial intelligence-based presentation tool Gamma has been exploited in multi-stage phishing attacks involving redirections to fake Microsoft login pages, reports The Hacker News.

CISA funded the CVE program for another 11 months – can the industry get its act together in such a short time?

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

Nearly 9 in 10 apps tested by Zimperium used encryption that did not adhere to best practices.

The lesserknown ransomware group uses fake updaters on compromised sites to lure victims.

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.

Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for...