Security Bulletin

Updates have been issued by Google to resolve an actively exploited zero-day vulnerability impacting its Chrome browser, tracked as CVE-2025-6554, which is the fourth Chrome zero-day addressed by Google so far this year, The Hacker News reports.

SecurityWeek reports that organizations, particularly those in critical infrastructure sectors, could be remotely compromised through the exploitation of a trio of flaws impacting Microsens' NMP Web+ offering, which allows management of industrial...

North Carolina's City of Thomasville was purported to have been compromised by the INC Ransom ransomware-as-a-service operation, reports Cybernews.

We are revolutionizing infrastructure management with natural language queries. Here’s everything you need to know:

By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them.

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

The attack uses sideloading to deliver a variant of the popular Gh0stRAT malware and lures victims by posing — among other things — as a purported installer for DeepSeek's LLM.

Historically, North Korean threat actors have applied for outsourced IT support positions at U.S. firms.

The ransomware sample contained “oddities” including encryption of its own ransom note.

Just as attackers have used SEO techniques to poison search engine results, they could rinse and repeat with artificial intelligence and the responses LLMs generate from user prompts.