Security Bulletin

The US government launched a self-attestation form asking software developers to affirm their software was developed securely. Compliance starts today for software used in critical infrastructure.

In response to recent public outcry, Recall is getting new security accouterments. Will that be enough to quell concerns?

A threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.

VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.

Researchers issued an open letter to Microsoft requesting better security for its IDE marketplace.

Customers of embattled IT services provider Snowflake are being targeted for attacks using stolen credentials.

Pseudonymous masking has made credit card transactions more secure, but Visa has even greater plans for tokenization: giving users control of their data.

The tranche of data, lifted from underprotected GitHub repositories, reportedly includes source code, though the country's paper of record has not yet confirmed the nature of the data accessed.

Nvidia’s high-profile status in the market will lead to an increase in security research.

London cops make arrests in connection with scam SMS messages, purportedly from official organizations, being sent out from bespoke phone mast.