Security Bulletin

Even after their zero-day turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The rollout of new rules around the Cybersecurity Maturity Model Certification by the U.S. Department of Defense is pushing government contractors to upgrade their internal security practices and protections

The malicious package also uses Unicode steganography to evade detection.

Discover how Cisco Networking Academy is empowering the next generation of tech leaders with accessibility at the forefront.

Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.

The startup, which previously launched the Acra platform, aims to address data management issues by isolating and compartmentalizing access to reduce fallout from system compromises.

Fraudsters worldwide apply for money from the US government using stolen and forged identities, making off with hundreds of billions of dollars annually.

CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild.

Google suspects Scattered Spider targeted UK retailers Marks & Spencer, the Co-op and Harrods.

Celebrating Cisco’s leaders recognized in CRN’s 2025 Women of the Channel list for their visionary leadership, transformative impact, and dedication to driving innovation and measurable outcomes across our ecosystem.