Security Bulletin

Hewlett Packard Enterprise has launched a probe into a possible data breach after its credentials that were allegedly stolen in a cyberattack were posted by IntelBroker on hacking forums, reports BleepingComputer.

Almost 150 Android devices across India and Pakistan have been compromised by suspected Indian state-sponsored threat operation PatchWork in a new attack campaign leveraging mostly messaging apps that have been laced with the VajraSpy remote access...

Mexico has been subjected to attacks with a new variant of the Mispadu banking trojan that involved the exploitation of a high-severity Windows SmartScreen vulnerability patched by Microsoft in November, according to The Hacker News.

SecurityWeek reports that numerous Mitsubishi Electric factory automation products were disclosed to have been affected by serious security vulnerabilities, including a critical remote code execution flaw, tracked as CVE-2023-6943, and a high...

Increasingly prevalent abuse of commercial spyware tools around the world has prompted the U.S. to introduce a new policy that would prohibit visas for individuals profiteering from commercial spyware, developing spyware, and managing companies...

France, the UK, the US, and others will work on a framework for the responsible use of tools like NSO Group's Pegasus, and Shadowserver Foundation gains £1 million investment.

Full 10s on the CVSS vulnerability severity scale have been assigned to two flaws discovered in Fortinet's FortiSIEM cybersecurity operations platform.

Airbus-owned NAVBLUE fixed the issue after a penetration testing firm disclosed the problem to the company.

Google researchers bring to light the rise of the commercial surveillance industry and its potential impact on businesses.

The cyberattackers used SQL injection and XSS to target 65 retail companies and job recruiters, stealing databases with unique emails and other sensitive records.

More than six million VPNs are now deployed on devices in the United Arab Emirates.

Multiple threat actors have begun exploiting one of four recently discovered flaws afflicting the vendor’s VPN and network gateway products.