Security Bulletin

The new standards are designed for two tasks: general encryption and digital signatures.

Cash may be king, but law enforcement keeps track of who spends it, especially when it's in the six-figure range.

This month we got patches for 92 vulnerabilities. Of these, 9 are critical, and 9 are zero-days (3 previously disclosed, and 6 are already being exploited). The CVEs CVE-2024-38189, CVE-2024-38178, CVE-2024-38193, CVE-2024-38106, CVE-2024-38213...

The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept (PoC) exploit lurking in the wild.

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.

Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LotL) tactics.

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

AI's proficiency at creating software code won't put developers out of a job, but the job will change to one focused on security, collaboration, and "mentoring" AI models.

The cybersecurity firm, which is known for its behavioral AI-powered platform, plans to use the funds to expand its customer base, develop new products, and prepare for an initial public offering in late 2025, according to co-founder and CEO Evan...

Unlike traditional security measures that focus on network, cloud, or endpoint defenses, ADR embeds security directly inside the application, offering real-time visibility and protection against threats targeting custom applications and APIs.