Security Bulletin

As companies adopt hybrid and multicloud systems, set to dominate by 2027, according to Gartner, the complexity of securing dispersed data becomes a major concern.

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data

The collaboration positions Aviatrix within the Wiz Integration Network and brings together Wiz’s agentless risk visibility and Aviatrix’s real-time network enforcement.

FedScoop reports that the U.S. Department of Commerce's Bureau of Industry and Security was discovered by the department's Office of Inspector General to have subpar cybersecurity threat detection and response capabilities.

The U.S. Securities and Exchange Commission has withdrawn proposed Biden-era cybersecurity rules that would have mandated investment firms and advisors to establish cyber risk-addressing policies and disclose significant cyber incidents over the past...

Attackers could achieve escalated SYSTEM privileges on Windows machines through the exploitation of a high-severity ASUS Armoury Crate system management software vulnerability, tracked as CVE-2025-3464, BleepingComputer reports.

Updates have been issued by Tenable to address a trio of high-severity security issues impacting its Nessus vulnerability scanner for Windows, reports Infosecurity Magazine.

TechCrunch reports that leading North American grocery wholesaler United Natural Foods, Inc., has disclosed significant progress in restoring its electronic ordering systems following a cyberattack nearly two weeks ago, which has led to food...

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

CISA issued a handful of alerts to address vulnerabilities in 10 industrial control appliances.

GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.

Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.