Security Bulletin

SecurityWeek reports that updates have been issued by Ivanti to address a pair of zero-day vulnerabilities in its Endpoint Manager Mobile offering, which have been chained in ongoing attacks that were confirmed to have impacted very few of its...

With critical infrastructure facing constant cyber threats from the Typhoons and other corners, federal agencies and others are warning security for the OT network, a core technology in many critical sectors, is not powered up enough.

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) riasztást ad ki a Microsoft szoftvereket érintő kritikus kockázati besorolású sérülékenységek kapcsán, azok súlyossága, kihasználhatósága és a szoftverek széleskörű...

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki az Adobe szoftverfejlesztő cég termékeit érintő sérülékenységekkel kapcsolatban, azok súlyossága, valamint az egyes biztonsági hibákat érintő aktív...

Palo Alto Networks researchers spot instances where threat actors are using AI platforms.

The EUVD, maintained by ENISA, compiles information from the CVE program, CSIRTs and vendors.

Salary savings come with hidden costs, including insider threats and depleted cybersecurity defenses, conveying advantages to skilled adversaries, experts argue.

A new study by researchers at Princeton University and Sentient shows it's surprisingly easy to trigger malicious behavior from AI agents by implanting fake "memories" into the data they rely on for making decisions.

Organizations face the complex challenge of accurately measuring their cyber-risk across multiple variables. Resilience's risk calculator tool can help organizations measure their cyber-risk based on their own factors so that they can make informed...

The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" — for now — and stem from open source libraries.

A second zero-day flaw was found in addition to exploitation of Netweaver by ransomware groups.

Saviynt's Amit Saha breaks down the shortcomings of legacy IAM.