Security Bulletin

Feds confirmed Iran's involvement in the email attack against Roger Stone after Microsoft, Google reported Iranian APT action against both presidential campaigns.

Charming Kitten goes retro and consolidates its backdoor into a tighter package, abandoning the malware framework trend.

While the combined gross domestic product (GDP) of African nations grew fivefold in two decades, a lack of cybersecurity is holding back gains — although the jury is out on how much.

Networking vendor TP-Link has found itself under scrutiny from Congress over its links to the Chinese government.

The RCE vulnerability was leveraged in ransomware attacks targeting Indian banks.

Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS's strict user permission-based privacy and security protections.

Multifactor authentication enforcement for Azure portal, Microsoft Entrata admin center, and Intune admin center will begin October.

Security pros say the flaws in six apps for macOS could let attackers take over cameras, microphones and screen recordings.

What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker?

Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data.

Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing intrusions targeting SolarWinds Web Help Desk instances vulnerable to the critical Java deserialization flaw, tracked as CVE-2024-28986.