Security Bulletin

New infections of NSO Group's Pegasus spyware have been discovered by mobile threat hunting firm iVerify across seven of 2,500 scanned iPhones, one of which belonged to an unnamed major business leader, who was in disbelief when informed about the...

Malicious apps spoofing the Google Chrome, Google Play Store, and Android Security apps have been leveraged to lure targets into downloading DroidBot Android banking trojan, which not only enables keystroke logging and fake login page overlaying but...

Impacted by the attack were versions 1.95.6 and 1.95.7 of the library, which were downloadable through for nearly five hours on Dec. 2 before being removed, noted Solana Web3.js maintainers.

The cybersecurity industry faces a growing crisis in attracting and retaining SOC analysts.

The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.

With the introduction of generative artificial intelligence (AI) into the SOC, we're on the cusp of something truly revolutionary.

Here’s how security teams can adapt to today's convergence of cybersecurity and geopolitics.

A 2024. 49. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.11.29. és 2024.12.05. között kezelt incidensek statisztikai adatait is tartalmazza.

We are excited to introduce LLMail-Inject, a new challenge focused on evaluating state-of-the-art prompt injection defenses in a realistic simulated LLM-integrated email client. In this challenge, participants assume the role of an attacker who sends...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The major USAID contractor says unauthorized access continued up to 25 days after the intrusion was first detected.