Security Bulletin

The latest version puts more emphasis on supply chain and AI agent security.

Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.

The FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world.

Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.

The company expects it will continue to struggle with online disruptions until at least July, due to the attack.

Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizations in Central and South America last year, says CrowdStrike.

A number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and more — a harbinger of a rapidly developing and diversifying threat landscape.

Kettering operates 14 medical centers and more than 120 outpatient locations in western Ohio.

Coinbase asserts that this number is only a small fraction of the number of its verified users, though it's still offering a $20 million reward to catch the criminals.

Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present by default.

The new equation, introduced by the National Institute of Standards and Technology (NIST), aims to offer a mathematical likelihood index that could be a game-changer for SecOps teams and vulnerability patch prioritization.

In February, we had a few diaries about crypto wallet scams. We saw these scams use YouTube comments, but they happened via other platforms and messaging systems, not just YouTube [1]. The scam was a bit convoluted: The scammer posted the secret key...