Security Bulletin

If Attackers can abuse free online services, they will do for sure! Why spend time to deploy a C2 infrastructure if you have plenty of ways to use "official" services. Not only, they don't cost any money but the traffic can be...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The hallucination problem is not just pervasive, it is persistent as well, according to new research.

Cobalt’s State of Pentesting Report 2025 reveals how GenAI security lags behind adoption.

Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.

Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.

The phishing-as-a-service (PaaS) kit targets Microsoft 365 and Gmail environments.

Cruise vacations are more popular than ever, with nearly 20 million Americans expected to set sail this year—up 4.5% from 2024. This boom is not just a post-pandemic rebound; cruise demand is now outpacing growth in the traditional hotel sector. By...

A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.

Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on...