Security Bulletin

The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity.

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

Bad actors are launching unprecedented waves of attacks against government agencies — and the federal government is woefully underprepared.

Such a deal — which commenced only weeks ago when Google Cloud CEO Thomas Kurian approached the startup that initially had no plans of being acquired — could close within the next 10 days.

Major security software provider Kaspersky has disclosed plans to gradually cease its U.S. operations beginning July 20, nearly a month after the U.S. Department of Commerce prohibited the sales and import of Kaspersky-branded software.

Patagonia, a U.S. outdoor recreation clothing retailer, was hit by a class action lawsuit alleging California privacy law violations stemming from its usage of services from artificial intelligence-powered customer service provider Talkdesk.

Threats to critical infrastructure are worse than ever, says Glenn Corn, ICIT's Sr. Director of Geopolitics and Global Threat Assessment.

While Microsoft dubbed the flaw as a high-severity spoofing bug, such an issue was disclosed by ZDI to be a remote code execution vulnerability that requires a higher severity rating.

Despite being both remote code execution and race condition flaws, CVE-2024-6409 poses a "lower" immediate impact due to the issues being present in the privsep child process with fewer privileges.

PyPi has immediately moved to revoke the authentication token, which had been given to PyPI Admin EE Durbin before March 3, 2023, reported JFrog researchers.

As we approach the opening ceremony, cybersecurity experts are gearing up to face an array of potential cyber threats