Security Bulletin

The global Internet helps just about everything to scale more easily, including piracy and ad fraud.

Public-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.

The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.

Social-engineering attacks that lead users to fake VPN sites targeted employees at more than 130 U.S. companies.

Higher rewards of up to $250,000 will be given by Google for the discovery of memory corruption flaws in the Chrome browser shown to achieve remote code execution using a non-sandboxed process as part of a more robust vulnerability reward program.

Included in the exposed .env file were Applause's credentials for Marketo, SalesForce, and Gotowebinar systems, which could result in the compromise of sensitive customer information, marketing details, and operational and financial data from its...

"The Company's investigation of the incident remains ongoing. Based on the Company's current knowledge of the facts and circumstances related to this incident, the Company believes that this incident is not material," said Dick's in a filing with the...

While Microchip has not provided any comment regarding the claims, Play's admission a full week after the company's breach disclosure to the Securities and Exchange Commission reveals an extension from the 72-hour deadline given for a ransom payment.

After being downloaded through an obfuscated PowerShell command, the new LummaC2 variant facilitates the execution of an AES-encrypted second-stage payload, which would enable malicious code injection into a Windows process to establish command-and...

Despite being initially developed to disable security systems, PoorTry — also known as BurntCigar — has since been updated to allow the removal of security software's crucial dynamic link libraries and executable files in a RansomHub attack last...