Security Bulletin

Allied Pilots Association, the pilot union of American Airlines with over 15,000 members, had some of its systems encrypted following a ransomware attack, which was initially discovered on Oct. 30, reports The Record, a news site by cybersecurity...

Singaporean public health organizations had their internet connectivity disrupted by ongoing distributed denial-of-service attacks from a still unknown threat actor, according to The Record, a news site by cybersecurity firm Recorded Future.

Threat actors could leverage Apple's "Find My" location network used for locating lost Apple devices to facilitate the exfiltration of keylogger-stored information, BleepingComputer reports.

Zero-day exploitation around the world was observed by the Cybersecurity and Infrastructure Security Agency to have significantly increased during the past month, with CISA Associate Director for Capacity Building Michael Duffy noting its impact on U...

BleepingComputer reports that persistent exploitation of Discord's content delivery network to facilitate malware hosting and distribution has prompted the instant messaging and VoIP social platform to deploy a new 24-hour expiration limit for all...

Android virtual private network apps in Google Play that have been subjected to a Mobile Application Security Assessment will have their Data safety section include the new "Independent security review" badge as part of Google's efforts to enhance...

Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2.

With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.

Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.

Multiple LockBit knock-off attacks in September targeting obsolete software foiled, exposing tactics and tools.