Security Bulletin

Nearly 50,000 WordPress websites continue to be using versions of the Backup Migration plugin impacted by a critical flaw, tracked as CVE-2023-6553, nearly a week after patches have been released, BleepingComputer reports.

Louisiana-based medical association Lafourche Medical Group and the Department of Health and Human Services have reached a $480,000 settlement for a cyberattack in 2021 that resulted in the compromise of protected health information from 34,862...

California's Tri-City Medical Center had some of its data leaked by the INC RANSOM extortion group following a cyberattack in early November, KPBS-TV reports.

There's a new way for hackers to abuse the cloud, this time with data analysts and scientists in the crosshairs.

Nearly 130,000 individuals had their data confirmed to be compromised following a ransomware attack against major U.S. cold storage and logistics firm Americold in April, reports The Record, a news site by cybersecurity firm Recorded Future.

Data breach confirmed by Toyota Financial Services BleepingComputer reports that Toyota Motor Corporation subsidiary Toyota Financial Services has disclosed that its German customers had their data compromised following an intrusion against some of...

Advanced persistent threat operation Sandman and Chinese threat cluster Storm-0866, also known as Red Dev 40, had significantly similar attack techniques as evidenced by the coexistence of their LuaDream and KEYPLUG malware, respectively, in the same...

Nearly two dozen critical infrastructure organizations across the U.S., including an oil and gas pipeline and a Hawaii-based water utility, had their computer systems infiltrated by Chinese state-sponsored threat operations during the past 12 months...

Apache releases drop-in replacement and upgrade for critical security flaw that is similar to vulnerability that led to 2017 Equifax breach.

It's important for Congress to strengthen protections for AI and set guardrails to make sure it isn't used maliciously.

Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times.