Security Bulletin

Unreported vulnerabilities may lurk among thousands of the most popular NPM packages.

Three questions that will get your organization on the path to more effective DSPM.

Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor.

A panel of CISOs acknowledged that artificial intelligence has boosted the capabilities of threat actors, but enterprise defenders are actually benefiting more from the technology.

Just like you and me, cyberattackers returned from winter break and immediately started sending thousands of emails.

These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as "CitrixBleed."

The Cisco and Schneider Electric Digital Building Solution reduces energy costs, manages building systems efficiently, and helps to create office spaces that facilitate collaboration and employee engagement.

TechCrunch reports that artificial intelligence-powered vulnerability detection and remediation platform Vicarius has pulled in $30 million from a Series B funding round, bringing total investment to nearly $56.7 million.

More robust authorities and increased independence from the private sector were noted by cybersecurity experts to be needed by the Department of Homeland Security's Cyber Safety Review Board to bolster its investigations into major cybersecurity...

BleepingComputer reports that ongoing attacks abusing zero-day flaws impacting Citrix NetScaler ADC and Gateway appliances, as well as Google Chrome have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known...

SiliconAngle reports that Intel, American Megatrends, and Phoenix Technologies have been confirmed to be impacted by nine vulnerabilities within the widely used Unified Extensible Firmware Interface firmware TianoCore EDK II dubbed "PixieFail," which...

Almost 71 million credentials from Facebook, Yahoo, Coinbase, and other sites have been exposed by the Naz.API dataset in the last four months, nearly 25 million of which were not observed in previous leaks, Ars Technica reports.