Security Bulletin

A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.

While there was still no evidence of exploitation, Trend Micro advises customers to patch right away.

Researchers say the latest vehicle for covert data extraction from secured systems could be sitting on your wrist.

Here’s five ways to set up a coding operation that reflects the growing presence of AI.

Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts.

The Hacker News reports that ongoing security issues have prompted ConnectWise to schedule a rotation of digital code signing certificates for ScreenConnect, ConnectWise Remote Monitoring and Management, and ConnectWise Automate executables.

This alignment makes a successful CISO, but creating the same sentiment across business leadership creates a culture of commitment and greatly contributes to achieving goals.

Almost 80% of government agencies have failed to address software flaws for at least a year, while 55% had enduring vulnerabilities that could be exploited in attacks, indicating "critical" security debt, Cybersecurity Dive reports.

Cybernews reports that Asefa, the Spanish arm of major French insurance firm SMABT, has confirmed having been impacted by a cyberattack that disrupted certain systems but not its core business after the Qilin ransomware gang alleged stealing 210 GB...

Major South Korean ticketing platform and online book retailer Yes24 had its website and services taken down following a ransomware attack earlier this week, which was reported by local media outlets to have disrupted ticket preselling and events for...

T-Mobile had 64 million records purportedly stolen from its systems exposed on a data leak site, Cybernews reports.