Security Bulletin

Four RCE vulnerabilities in Confluence, Jira, and other platforms, allow instance takeover and environment infestation.

Igor Tsyganskiy inherits the high-profile CISO spot in Redmond, while his predecessor, Bret Arsenault, is named chief security adviser.

Adobe patched CVE-2023-26360 in March amid active exploit activity targeting the flaw.

Malvertising schemes have been used by the Storm-0216 threat operation, also known as UNC2198 and Twisted Spider, to deploy the Danabot malware to achieve initial systems access before proceeding with the distribution of Cactus ransomware since last...

SecurityWeek reports that more than 700 organizations deploying artificial intelligence tools, including Microsoft, Google, and VMware, could have had their accounts compromised due to the 1,681 valid Hugging Face tokens enabling large language model...

More than 15,000 Go module repositories on GitHub accounting for at least 800,000 Go module variants could be compromised in repojacking attacks, The Hacker News reports.

Cyberattack disclosed by HTC Global Services following ALPHV/BlackCat leak After having its data exposed by the ALPHV/BlackCat ransomware attack, IT and business process services provider HTC Global Services has disclosed being impacted by a...

Florida's St. Johns River Water Management District has disclosed a cyberattack impacting its technology environment during the past week, according to The Record, a news site by cybersecurity firm Recorded Future.

Ransomware gang BlackSuit, formerly known as Royal, has taken credit for a cyberattack against Georgia's Henry Country Schools in early November, Cybernews reports.

More than 20 new vulnerabilities, including one critical vulnerability, enable denial-of-service attacks, remote code execution and more.

Austul USA, a military contractor, alerts law enforcement it quickly mitigated a recent cyberattack on its systems and that an investigation is ongoing.