Security Bulletin

BleepingComputer reports that high-performance JavaScript bundler Rspack and customizable Vue.js UI library Vant had a trio of widely-used npm packages discovered by Sonatype and Socket researchers to have been breached to facilitate the distribution...

Malicious activity involving the new FlowerStorm phishing-as-a-service platform aimed at Microsoft 365 credentials has escalated following a technical issue that prompted the "partial" infrastructure collapse of the Rockstar2FA PhaaS platform last...

With the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable.

Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-44207 Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability These types of vulnerabilities are...

My last investigation is a file called “Albertsons_payment.GZ”, received via email. The file looks like an archive but is identified as a picture by TrID:

Threat actors associated with the notorious North Korean hacking outfit Lazarus Group are now setting their sites on targets in the nuclear power sector

This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.