Security Bulletin

Cato Networks’ prompt injection exploit highlights the risks of external input to internal AI services.

As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.

Relying solely on AI for identity security overlooks essential human capabilities such as adaptability, creativity, and nuanced judgment.

Aflac incident comes four days after Google warned that Scattered Spider was attacking the U.S. insurance industry.

The communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact on customers.

As geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.

Securing the no-code supply chain isn't just about mitigating risks — it's about enabling the business to innovate with confidence.

Meta has revealed plans to roll out passkeys for Facebook on Android and iOS soon, as well as for Messenger in the coming months, in a bid to bolster user account security, The Hacker News reports.

Ukraine's Office of the Prosecutor General has disclosed the extradition of a suspected Ryuk ransomware hacker to the U.S. months after an arrest in Kyiv made at the behest of U.S. authorities, according to The Record, a news site by cybersecurity...

Updates have been issued by Cisco and Atlassian to address various high-severity security issues impacting their respective offerings, SecurityWeek reports.

BleepingComputer reports that U.S. multinational doughnut and coffeehouse chain Krispy Kreme had information from 161,676 individuals confirmed to be exfiltrated following a November ransomware attack claimed by the Play ransomware operation.