Security Bulletin

Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions by the respective companies.

LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.

Washington has long acknowledged the growing cyber threat posed by China. In national security circles, the refrain is clear—“China, China, China”— and for good reason. But recognition is no longer enough. The time for action is now.

Last week, Ryan Dewhurst disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are still being used, and vBulletin is one of the most common...

CyberScoop reports that the Cybersecurity and Infrastructure Security Agency would have a budget of $2.4 billion, which is $495 million lower than last year, as well as lose 1,083 positions as part of the fiscal 2026 budget proposal presented by...

NSO Group has filed an appeal to reject last month's jury ruling that ordered a $167 million payment to WhatsApp after infecting over 1,400 users of the messaging app with spyware as part of an attack campaign six years ago, TechCrunch reports.

What happens when AI doesn't replace jobs, but fundamentally transforms how they're performed?

Volkswagen Group was claimed to have been compromised by the Stormous ransomware gang but the group's assertions have not been backed by adequate evidence, reports Cybernews.

SentinelOne has attributed widespread hours-long network connectivity outages last Thursday to an infrastructure control system vulnerability leading to the deletion of critical network routes and DNS resolver rules, according to Cybersecurity Dive.

If your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed.

BleepingComputer reports that leading U.S. outdoor apparel and equipment brand The North Face has confirmed that its customers' data had been pilfered following a credential stuffing intrusion against its website in April.