Security Bulletin

The popular generative AI (GenAI) model allows hallucinations, easily avoidable guardrails, susceptibility to jailbreaking and malware creation requests, and more at critically high rates, researchers find.

Over five years, Client Operations Leader Haneen J.'s career evolved—embracing empowerment, leadership, and connection through Cisco's unique culture.

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890 Zyxel DSL CPE OS Command Injection...

CISA released two Industrial Control Systems (ICS) advisories on February 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-17 2N Access Commander (Update A...

In the changing landscape of network security, the combination of Universal Zero Trust Network Access and Hybrid Mesh Firewalls offers a powerful defense.

In 2024 and 2025, we built innovations that are both accelerating the pace of AI innovation AND helping our customers adopt and integrate AI into their business safely, securely, and cost-effectively. Read highlights of the announcements made this...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

An international law enforcement operation targeting the Phobos-linked group was led by German authorities.

Improvements in cyber hygiene and resiliency made it possible for victim organizations to skip paying ransom amounts in 2024.

The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks.

After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.