Security Bulletin

As of May 2024, 68 leading technology companies already signed the pledge.

Officials at the City of Philadelphia have confirmed that 35,881 individuals had their personal and protected health information exfiltrated following the compromise of several email accounts from late May to late July 2023.

Under the legislation, the National Cyber Director would be mandated to establish a committee joined by the chief of the Office of Management and Budget's Office of Information and Regulatory Affairs, federal regulatory agency leaders, and other...

Up to 68 malicious iterations of the jQuery software have been distributed across GitHub, npm, and jsDelivr as part of a sophisticated supply chain intrusion.

Even the NSA leaves bugs in its software. In this case, it's the kind of cross-site issue that regularly slips past developers.

Attacks with the GuardZoo surveillance tool have been launched by a pro-Houthi threat operation to exfiltrate documents and photos from Middle Eastern militaries since 2019.

Included in the leak were information from Heritage's blogs and right-wing media site The Daily Signal, such as full names, usernames, passwords, and email addresses, as well as those belonging to the U.S. government.

The U.S. has spearheaded a global law enforcement operation dismantling nearly 1,000 accounts on X, formerly Twitter, and a pair of domains part of an artificial intelligence-powered bot farm.

Here are three ways security teams can mitigate ATOs

The tech giant has rolled out passkey support for account authentication within its Advanced Protection Program to complement existing compatibility with FIDO2 hardware keys.

Simple malware and simple TTPs play against a backdrop of complex geopolitical conflict in the Arab world.

The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here's how to limit the damage.