Security Bulletin

Since WinRAR 7.10, not all Mark-of-The-Web data (stored in the Zone.Identifier Alternate Data Stream) is propagated when you extract a file from an archive.

Wireshark release 4.4.8 fixes 9 bugs.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Country Digital Acceleration is powering Spain’s digital future—building skills, innovation, and secure infrastructure for a more connected nation.

While this emerging technology offers many benefits, digital twins also have several drawbacks, as these convincing impersonations can be used in social engineering attacks.

A red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered applications.

National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia.

Our bulletin covering coordinated influence operation campaigns terminated on our platforms in Q2 2025.

Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.

We cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can affect.

A Nemzetbiztonsági Szakszolgálat Nemzeti Kiberbiztonsági Intézete (NBSZ NKI) felhívja a figyelmet a PerfektBlue néven ismertté vált sebezhetőségekre, amelyek a BlueSDK Bluetooth-keretrendszert érintik, és világszerte több millió jármű infotainment...

Since the ongoing “ToolShell” exploitation campaign, in which threat actors attack on-premise Sharpoint servers using a chain of two recently published vulnerabilities[ 1, 2, 3], is still on top of the cyber security news[ 4, 5, 6, 7], I thought...