Security Bulletin

Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner...

North Korean state-sponsored advanced persistent threat operations Lazarus Group, Kimsuky, and Andariel were noted by South Korea's National Police Agency to have targeted several South Korean defense industry entities since late 2022 in a bid to...

Attacks increased by "only" 19% last year. But that number is expected to grow significently.

An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.

Just like you should check the quality of the ingredients before you make a meal, it's critical to ensure the integrity of AI training data.

AI presents great risks, but also promises many benefits – here’s how we can walk that tightrope safely.

Arbitrary code in Lambda Layers may be unsafely executed in older versions of Keras.

Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.

Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.

An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.

Change Healthcare owner UnitedHealth Group acknowledges some customer protected health information leaked on dark web.