Security Bulletin

Such newly secured funds would be allocated toward bolstering engineering and go-to-market teams, according to P0 Security, which offers a unified identity governance and administration and privileged access management solution that ensures human and...

No active exploitation of the vulnerability, which stemmed from the agent portal's untrusted data serialization issue, has been observed so far, according to Ivanti, which also patched nearly two dozen other critical and high-severity bugs in EPM...

Such database misconfiguration has leaked healthcare professionals' full names, birthdates, phone numbers, addresses, email addresses, work experiences, assigned jobs, communications with MNA Healthcare, hashed temporary passwords, and encrypted...

Russian state-sponsored threat group Coldriver has been suspected by the Free Russia Foundation of being behind the intrusion, which involved the targeting of several entities to exfiltrate internal documents, grant reports, and other correspondences...

Simultaneous target infiltration and reconnaissance, network compromise, and data exfiltration activities have been performed by Clusters Alpha, Bravo, and Charlie, respectively.

Attacks by Repellent Scorpius involving data theft and encryption commenced a month before the arrival of Cicada3301, with the source of data acquired by the group before the ransomware strain's emergence still uncertain.

After achieving reconnaissance and privilege escalation, RansomHub proceeded with the exploitation of TDSSKiller with a command line script or batch file that enabled kernel-level service interaction disabling the Malwarebytes Anti-Malware Service...

In the "PixHell" attack, sound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps.

An attack dubbed "WordDrone" that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan's military and satellite industrial supply chain.

AI won’t solve all our problems, but it promises the cyber resilience that companies are looking for.

Since I&#x27m interested in malicious Python scripts, I found multiple samples that rely on existing libraries. The most-known repository is probably pypi.org[ 1] that reports, as of today, 567,478 projects! Malware developers are like regular...

As attacks on satellites rise with nation-state conflicts, the South Asian nation joins other space-capable countries in doubling down on cybersecurity.