Security Bulletin

Ongoing targeting of vulnerable OT/ICS devices should prompt critical infrastructure entities to replace default passwords, activate multi-factor authentication, implement firewall protection for human-machine interfaces, and ensure up-to-date...

Integrating generative AI into your business model creates new risks as well as new rewards. Here's how to counter those risks.

SBOMs offer great insight into the software supply chain, but it takes strong controls to make the code secure. .

Researchers have uncovered one of the first examples of threat actors using artificial intelligence chatbots for malware creation, in a phishing attack spreading the open source remote access Trojan.

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.

Attackers can remotely add rogue admin accounts using the authentication bypass flaw.

The FBI, NSA and CNMF joined forces to warn the public of a looming threat posed by a massive botnet.

The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues.

There will be four major categories in the 2025 retread of the hacking competition, with prizes ranging for each challenge, from $20,000 to half a million.

The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals.

Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating.