Security Bulletin

Russian paramilitary troop Wagner Group-linked disinformation campaigns have continued unabated months after the death of the group's leader Yevgeniy Prigozhin, according to The Record, a news site by cybersecurity firm Recorded Future.

Organizations in Italy, Sweden, and Poland have been targeted by expanded attacks with the Mispadu banking trojan, also known as URSA, as part of an ongoing campaign that originally targeted financial, commercial, automotive manufacturing, and...

Five new automated privacy management solutions have been added by Microsoft to its Priva service in a bid to bolster organizations' adherence to personal data privacy requirements, SiliconAngle reports.

BleepingComputer reports that Google has been working on curbing browser cookie theft with the new Device Bound Session Credentials functionality in Chrome as it prepares to remove third-party cookies from the browser.

Binarly has issued a free online tool that would facilitate scanning a newly discovered backdoor and maximum severity vulnerability in xz tools and libraries used by major Linux distributions, tracked as CVE-2024-3094, across Linux binaries amid...

More than 60,000 WordPress sites with the WP-Members Membership Plugin could be compromised with arbitrary script injections due to a high-severity cross-site scripting vulnerability, tracked as CVE-2024-1852, reports SecurityWeek.

More stringent security controls under the European Union's Cyber Resilience Act have resulted in a new partnership between the Apache Software Foundation, OpenSSL Software Foundation, Eclipse Foundation, and four other open source foundations to...

ZDNET reports that the accelerated artificial intelligence growth has prompted the U.S. and the UK to join hands in bolstering AI safety and testing.

Ibis Budget hotels across Europe had keypad codes that could be leveraged for room entry exposed due to a security flaw impacting its self check-in kiosks, SecurityWeek reports.

Ongoing compromise of the UK's Leicester City Council that began in early March has been claimed by the INC Ransom extortion operation, which admitted in a post on its leak site to have stolen 3 TB of data from the city council before immediately...

A voluntary labeling program offers dividends at home and abroad and will secure the IoT ecosystem across important verticals such as energy, healthcare, and manufacturing.

Tactics include “tricking” the AI into believing it is in “development mode” or roleplaying.