Security Bulletin

As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4...

Numerous cybersecurity researchers have already released their proof-of-concept exploits for a critical vulnerability impacting open-source automation server Jenkins on GitHub, reports BleepingComputer.

SecurityWeek reports that industrial organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding eight vulnerabilities impacting Westermo Lynx 206-F2G industrial Ethernet switches.

Washington, D.C.-based theater GALA Hispanic Theatre has successfully recovered $255,000 stolen from its bank account following a cyberattack, according to The Record, a news site by cybersecurity firm Recorded Future.

Major British cosmetics retailer Lush was claimed to have been compromised by the Akira ransomware operation, The Register reports.

All communications systems at the Kansas City Area Transportation Authority, which caters to seven Kansas and Missouri counties, have been disrupted by a ransomware attack on Jan. 23, which has since been claimed by the Medusa ransomware operation...

Numerous K-12 schools across the U.S. have already been impacted by data breaches since early this month, including California-based Glendale Unified School District and Fullerton Joint Union High School District, Montana-based Butte School District...

Mercedes-Benz data inadvertently leaked TechCrunch reports that Mercedes-Benz was discovered by RedHunt Labs to have had its internal data unintentionally leaked as a result of an internet-exposed employee authentication token on GitHub.

Artificial intelligence startup Anthropic disclosed that data from a "subset" of its customers has been exposed following its contractor's mistaken delivery of a file to a third party, according to VentureBeat.